CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability

CUPS is prone to an integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied TIFF image sizes before using them to allocate memory buffers.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

Versions prior to CUPS 1.3.10 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus