CUPS 'gif_read_lzw()' GIF File Buffer Overflow Vulnerability

CUPS is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied GIF image data before copying it to an insufficiently sized buffer.

Successful exploits allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

CUPS 1.3.6 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus