Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3640

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-3640
Last Modified 29 Oct 2012 11:15:17
Published 14 Oct 2008 05:10:35
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3640

Summary

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Apple Cups 1.1

  • Apple Cups 1.1.1

  • Apple Cups 1.1.10

  • Apple Cups 1.1.10-1

  • Apple Cups 1.1.11

  • Apple Cups 1.1.12

  • Apple Cups 1.1.13

  • Apple Cups 1.1.14

  • Apple Cups 1.1.15

  • Apple Cups 1.1.16

  • Apple Cups 1.1.17

  • Apple Cups 1.1.18

  • Apple Cups 1.1.19

  • Apple Cups 1.1.2

  • Apple Cups 1.1.20

  • Apple Cups 1.1.21

  • Apple Cups 1.1.22

  • Apple Cups 1.1.23

  • Apple Cups 1.1.3

  • Apple Cups 1.1.4

  • Apple Cups 1.1.5

  • Apple Cups 1.1.5-1

  • Apple Cups 1.1.5-2

  • Apple Cups 1.1.6

  • Apple Cups 1.1.6-1

  • Apple Cups 1.1.6-2

  • Apple Cups 1.1.6-3

  • Apple Cups 1.1.7

  • Apple Cups 1.1.8

  • Apple Cups 1.1.9

  • Apple Cups 1.1.9-1

  • Apple Cups 1.2

  • Apple Cups 1.2.0

  • Apple Cups 1.2.1

  • Apple Cups 1.2.10

  • Apple Cups 1.2.11

  • Apple Cups 1.2.12

  • Apple Cups 1.2.2

  • Apple Cups 1.2.3

  • Apple Cups 1.2.4

  • Apple Cups 1.2.5

  • Apple Cups 1.2.6

  • Apple Cups 1.2.7

  • Apple Cups 1.2.8

  • Apple Cups 1.2.9

  • Apple Cups 1.3

  • Apple Cups 1.3.0

  • Apple Cups 1.3.1

  • Apple Cups 1.3.2

  • Apple Cups 1.3.3

  • Apple Cups 1.3.4

  • Apple Cups 1.3.5

  • Apple Cups 1.3.6

  • Apple Cups 1.3.7

  • Apple Cups 1.3.8


References

BID - 31690

FEDORA - FEDORA-2008-8844

FEDORA - FEDORA-2008-8801

XF - cups-writeprolog-bo(45790)

VUPEN - ADV-2009-1568

VUPEN - ADV-2008-3401

VUPEN - ADV-2008-2782

UBUNTU - USN-656-1

SECTRACK - 1021034

REDHAT - RHSA-2008:0937

MANDRIVA - MDVSA-2008:211

GENTOO - GLSA-200812-11

DEBIAN - DSA-1656

CONFIRM - http://www.cups.org/str.php?L2919

CONFIRM - http://www.cups.org/articles.php?L575

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm

SUNALERT - 261088

SECUNIA - 33111

SECUNIA - 33085

SECUNIA - 32316

SECUNIA - 32292

SECUNIA - 32284

SECUNIA - 32226

SECUNIA - 32084

SUSE - SUSE-SR:2008:021

IDEFENSE - 20081009 Multiple Vendor CUPS texttops Integer Overflow Vulnerability

SECUNIA - 32331

Related Patches

Novell SUSE 2008:5653 cups security update for SLE 10 i586


Last Updated: 27 May 2016 11:01:18