Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3641

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3641
Last Modified 29 Oct 2012 11:15:17
Published 10 Oct 2008 06:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3641

Summary

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

Vulnerable Systems

Application

  • Apple Cups 1.1

  • Apple Cups 1.1.1

  • Apple Cups 1.1.10

  • Apple Cups 1.1.10-1

  • Apple Cups 1.1.11

  • Apple Cups 1.1.12

  • Apple Cups 1.1.13

  • Apple Cups 1.1.14

  • Apple Cups 1.1.15

  • Apple Cups 1.1.16

  • Apple Cups 1.1.17

  • Apple Cups 1.1.18

  • Apple Cups 1.1.19

  • Apple Cups 1.1.2

  • Apple Cups 1.1.20

  • Apple Cups 1.1.21

  • Apple Cups 1.1.22

  • Apple Cups 1.1.23

  • Apple Cups 1.1.3

  • Apple Cups 1.1.4

  • Apple Cups 1.1.5

  • Apple Cups 1.1.5-1

  • Apple Cups 1.1.5-2

  • Apple Cups 1.1.6

  • Apple Cups 1.1.6-1

  • Apple Cups 1.1.6-2

  • Apple Cups 1.1.6-3

  • Apple Cups 1.1.7

  • Apple Cups 1.1.8

  • Apple Cups 1.1.9

  • Apple Cups 1.1.9-1

  • Apple Cups 1.2

  • Apple Cups 1.2.0

  • Apple Cups 1.2.1

  • Apple Cups 1.2.10

  • Apple Cups 1.2.11

  • Apple Cups 1.2.12

  • Apple Cups 1.2.2

  • Apple Cups 1.2.3

  • Apple Cups 1.2.4

  • Apple Cups 1.2.5

  • Apple Cups 1.2.6

  • Apple Cups 1.2.7

  • Apple Cups 1.2.8

  • Apple Cups 1.2.9

  • Apple Cups 1.3

  • Apple Cups 1.3.0

  • Apple Cups 1.3.1

  • Apple Cups 1.3.2

  • Apple Cups 1.3.3

  • Apple Cups 1.3.4

  • Apple Cups 1.3.5

  • Apple Cups 1.3.6

  • Apple Cups 1.3.7

  • Apple Cups 1.3.8


References

BID - 31681

FEDORA - FEDORA-2008-8844

FEDORA - FEDORA-2008-8801

XF - cups-hpgl-code-execution(45779)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-067

VUPEN - ADV-2009-1568

VUPEN - ADV-2008-3401

VUPEN - ADV-2008-2782

VUPEN - ADV-2008-2780

UBUNTU - USN-656-1

SECTRACK - 1021031

BID - 31688

BUGTRAQ - 20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability

REDHAT - RHSA-2008:0937

MANDRIVA - MDVSA-2008:211

GENTOO - GLSA-200812-11

DEBIAN - DSA-1656

CONFIRM - http://www.cups.org/str.php?L2911

CONFIRM - http://www.cups.org/articles.php?L575

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm

CONFIRM - http://support.apple.com/kb/HT3216

SUNALERT - 261088

SECUNIA - 33568

SECUNIA - 33111

SECUNIA - 33085

SECUNIA - 32316

SECUNIA - 32292

SECUNIA - 32284

SECUNIA - 32226

SECUNIA - 32222

SECUNIA - 32084

SUSE - SUSE-SR:2009:002

SUSE - SUSE-SR:2008:021

APPLE - APPLE-SA-2008-10-09

SECUNIA - 32331

Related Patches

Apple 2008-10-09 Security Update 2008-007 Client (PPC)

Apple 2008-10-09 Security Update 2008-007 Server (PPC)

Apple 2008-10-09 Security Update 2008-007 Client (Intel)

Apple 2008-10-09 Security Update 2008-007 Server (Universal)

Apple 2008-10-09 Security Update 2008-007 Server (Leopard)

Apple 2008-10-09 Security Update 2008-007 Client (Leopard)

Novell SUSE 2008:5653 cups security update for SLE 10 i586


Last Updated: 27 May 2016 11:01:18