SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2008-3641

Date: (C)2008-10-10 (M)2024-01-04

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1021031

http://www.securityfocus.com/archive/1/497221/100/0/threaded

SUNALERT-261088

APPLE-SA-2008-10-09

FEDORA-2008-8801

FEDORA-2008-8844

SUSE-SR:2008:021

SUSE-SR:2009:002

cups-hpgl-code-execution(45779)

http://support.apple.com/kb/HT3216

http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm

http://www.cups.org/articles.php?L575

http://www.cups.org/str.php?L2911

http://www.zerodayinitiative.com/advisories/ZDI-08-067

oval:org.mitre.oval:def:9666

cpe:/a:apple:cups:1.2.12
cpe:/a:apple:cups:1.2.11
cpe:/a:apple:cups:1.3:rc1
cpe:/a:apple:cups:1.3:rc2
...

oval:org.secpod.oval:def:301543
oval:org.mitre.oval:def:8170
oval:org.secpod.oval:def:102076

© SecPod Technologies