[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1373Date: (C)2008-04-03   (M)2024-01-04


Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.8
Exploit Score: 6.5
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1019739
http://www.securityfocus.com/archive/1/490486/100/0/threaded
BID-28544
SECUNIA-29573
SECUNIA-29603
SECUNIA-29630
SECUNIA-29634
SECUNIA-29655
SECUNIA-29659
SECUNIA-29661
SECUNIA-29750
SECUNIA-31324
ADV-2008-1059
DSA-1625
FEDORA-2008-2131
FEDORA-2008-2897
GLSA-200804-01
MDVSA-2008:081
RHSA-2008:0192
RHSA-2008:0206
SUSE-SA:2008:020
USN-598-1
cups-gifreadlzw-bo(41587)
http://wiki.rpath.com/Advisories:rPSA-2008-0136
http://www.cups.org/str.php?L2765
oval:org.mitre.oval:def:11479

CWE    1
CWE-119
OVAL    3
oval:org.secpod.oval:def:301265
oval:org.mitre.oval:def:7208
oval:org.secpod.oval:def:102076

© SecPod Technologies