• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability

Bugtraq ID:	34571
Class:	Boundary Condition Error
CVE:	CVE-2009-0163
Remote:	Yes
Local:	No
Published:	Apr 16 2009 12:00AM
Updated:	Oct 20 2009 04:18PM
Credit:	iDefense
Vulnerable:	Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Slackware Linux 12.2 Slackware Linux 12.1 Slackware Linux 12.0 Slackware Linux -current S.u.S.E. SUSE Linux Enterprise Server 10 SP2 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP2 S.u.S.E. SLE 11 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 S.u.S.E. openSUSE 10.3 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Enterprise Server 9 rPath rPath Linux 2 rPath rPath Linux 1 RedHat Fedora 9 0 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server RedHat Desktop 3.0 Pardus Linux 2008 0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2009.0 x86_64 MandrakeSoft Linux Mandrake 2009.0 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux Easy Software Products CUPS 1.3.9 Easy Software Products CUPS 1.3.8 Easy Software Products CUPS 1.3.7 Easy Software Products CUPS 1.3.6 Easy Software Products CUPS 1.3.5 Easy Software Products CUPS 1.3.3 Easy Software Products CUPS 1.3.2 Easy Software Products CUPS 1.2.12 Easy Software Products CUPS 1.2.10 Easy Software Products CUPS 1.2.9 Easy Software Products CUPS 1.2.8 Easy Software Products CUPS 1.2.4 Easy Software Products CUPS 1.2.2 Easy Software Products CUPS 1.1.23 rc1 Easy Software Products CUPS 1.1.23 Easy Software Products CUPS 1.1.22 rc1 Easy Software Products CUPS 1.1.22 Easy Software Products CUPS 1.1.21 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 Easy Software Products CUPS 1.1.20 Easy Software Products CUPS 1.1.19 rc5 Easy Software Products CUPS 1.1.19 Easy Software Products CUPS 1.1.18 + Conectiva Linux 9.0 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + MandrakeSoft Multi Network Firewall 2.0 + S.u.S.E. Linux Personal 8.2 Easy Software Products CUPS 1.1.17 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 Easy Software Products CUPS 1.1.16 Easy Software Products CUPS 1.1.15 + Conectiva Linux Enterprise Edition 1.0 + S.u.S.E. Linux 8.1 Easy Software Products CUPS 1.1.14 + Conectiva Linux 8.0 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 Easy Software Products CUPS 1.1.13 Easy Software Products CUPS 1.1.12 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 Easy Software Products CUPS 1.1.10 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Workstation 3.1.1 + Conectiva Linux 7.0 + Conectiva Linux 6.0 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + S.u.S.E. Linux 7.3 sparc + S.u.S.E. Linux 7.3 ppc + S.u.S.E. Linux 7.3 i386 Easy Software Products CUPS 1.1.7 Easy Software Products CUPS 1.1.6 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + S.u.S.E. Linux 7.2 i386 + S.u.S.E. Linux 7.1 x86 + S.u.S.E. Linux 7.1 sparc + S.u.S.E. Linux 7.1 ppc + S.u.S.E. Linux 7.1 alpha Easy Software Products CUPS 1.1.4 -5 Easy Software Products CUPS 1.1.4 -3 + MandrakeSoft Linux Mandrake 7.2 Easy Software Products CUPS 1.1.4 -2 + Debian Linux 2.3 Easy Software Products CUPS 1.1.4 Easy Software Products CUPS 1.1.1 + RedHat PowerTools 7.0 Easy Software Products CUPS 1.0.4 -8 + Debian Linux 2.2 Easy Software Products CUPS 1.0.4 DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Avaya Proactive Contact 4.0 Avaya Messaging Storage Server MSS 3.0 Avaya Messaging Storage Server MM3.0 Avaya Messaging Storage Server 5.0 Avaya Messaging Storage Server 4.0 Avaya Messaging Storage Server 3.1 Avaya Messaging Storage Server 2.0 Avaya Messaging Storage Server 1.0 Avaya Messaging Storage Server Avaya Message Networking MN 3.1 Avaya Message Networking 3.1 Avaya Message Networking Avaya Intuity AUDIX LX 2.0 SP2 Avaya Intuity AUDIX LX 2.0 SP1 Avaya Intuity AUDIX LX 2.0 Avaya Intuity AUDIX LX 1.0
Not Vulnerable:	Easy Software Products CUPS 1.3.10