[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96125

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-1373

Date: (C)2008-04-03   (M)2017-10-04
 
CVSS Score: 5.8Access Vector: ADJACENT_NETWORK
Exploitability Subscore: 6.5Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

Reference:
SECTRACK-1019739
http://www.securityfocus.com/archive/1/archive/1/490486/100/0/threaded
BID-28544
SECUNIA-29573
SECUNIA-29603
SECUNIA-29630
SECUNIA-29634
SECUNIA-29655
SECUNIA-29659
SECUNIA-29661
SECUNIA-29750
SECUNIA-31324
ADV-2008-1059
DSA-1625
FEDORA-2008-2131
FEDORA-2008-2897
GLSA-200804-01
MDVSA-2008:081
RHSA-2008:0192
RHSA-2008:0206
SUSE-SA:2008:020
USN-598-1
cups-gifreadlzw-bo(41587)
http://wiki.rpath.com/Advisories:rPSA-2008-0136
http://www.cups.org/str.php?L2765

CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:301265
oval:org.mitre.oval:def:7208
oval:org.secpod.oval:def:102076

© 2013 SecPod Technologies