Buffer overflow in Apple Cups

CVE-2011-3170

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary…

Vulnerability class: Buffer Overflow

EPSS: 0.091 (92.8th percentile) — read the EPSS interpretation.

Affected products

Apple Cups — versions 1.1, 1.1.1, 1.1.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

USN-1207-1 (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch)
DSA-2354 (vendor-advisory, x_refsource_DEBIAN)
46024 (x_refsource_SECUNIA, third-party-advisory)
1025980 (vdb-entry, x_refsource_SECTRACK)
GLSA-201207-10 (vendor-advisory, x_refsource_GENTOO)
MDVSA-2011:146 (vendor-advisory, x_refsource_MANDRIVA)
45796 (x_refsource_SECUNIA, third-party-advisory)
cups-gifreadlzw-function-bo(69380) (vdb-entry, x_refsource_XF)
MDVSA-2011:147 (vendor-advisory, x_refsource_MANDRIVA)