USN-760-1 -- cups, cupsys vulnerability
|ID: oval:org.secpod.oval:def:700453||Date: (C)2011-05-13 (M)2017-11-27|
|Class: PATCH||Family: unix|
It was discovered that CUPS did not properly check the height of TIFF images. If a user or automated system were tricked into opening a crafted TIFF image file, a remote attacker could cause a denial of service or possibly execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile.