CUPS PNG Filter Multiple Integer Overflow Vulnerabilities

CUPS is prone to multiple integer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied PNG image sizes before using them to allocate memory buffers.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

CUPS 1.3.7 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus