• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

CUPS Image Filter Zero Width GIF Memory Corruption Vulnerability

CUPS image filters do not properly handle GIF files with a width field set to zero. As a result, if an attacker submits a properly malformed image, it may be possible to corrupt memory with attacker-supplied data.

Successful exploitation will result in arbitrary code execution in the security context of CUPS. The attacker must be able to cause the malformed image to be processed by CUPS to exploit this issue.