Xpdf/CUPS pdftops Integer Overflow Vulnerability

The Xpdf/CUPS pdftops filter is prone to an integer overflow. As a result, it may be possible to corrupt memory with attacker-supplied data and cause arbitrary code to be executed.

The method of exploitation may vary. If an attacker can entice a user to print a malformed file from the command line using the vulnerable filter, it may be possible to execute code with the privileges of that user. Other methods of exploitation may allow the attacker to gain elevated privileges (such as that of the 'lp' user).


 

Privacy Statement
Copyright 2010, SecurityFocus