Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2896

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2011-2896
Last Modified 29 Jul 2013 12:42:55
Published 19 Aug 2011 01:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-2896

Summary

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

Vulnerable Systems

Application

  • Apple Cups 1.1

  • Apple Cups 1.1.1

  • Apple Cups 1.1.10

  • Apple Cups 1.1.10-1

  • Apple Cups 1.1.11

  • Apple Cups 1.1.12

  • Apple Cups 1.1.13

  • Apple Cups 1.1.14

  • Apple Cups 1.1.15

  • Apple Cups 1.1.16

  • Apple Cups 1.1.17

  • Apple Cups 1.1.18

  • Apple Cups 1.1.19

  • Apple Cups 1.1.2

  • Apple Cups 1.1.20

  • Apple Cups 1.1.21

  • Apple Cups 1.1.22

  • Apple Cups 1.1.23

  • Apple Cups 1.1.3

  • Apple Cups 1.1.4

  • Apple Cups 1.1.5

  • Apple Cups 1.1.5-1

  • Apple Cups 1.1.5-2

  • Apple Cups 1.1.6

  • Apple Cups 1.1.6-1

  • Apple Cups 1.1.6-2

  • Apple Cups 1.1.6-3

  • Apple Cups 1.1.7

  • Apple Cups 1.1.8

  • Apple Cups 1.1.9

  • Apple Cups 1.1.9-1

  • Apple Cups 1.2

  • Apple Cups 1.2.0

  • Apple Cups 1.2.1

  • Apple Cups 1.2.10

  • Apple Cups 1.2.11

  • Apple Cups 1.2.12

  • Apple Cups 1.2.2

  • Apple Cups 1.2.3

  • Apple Cups 1.2.4

  • Apple Cups 1.2.5

  • Apple Cups 1.2.6

  • Apple Cups 1.2.7

  • Apple Cups 1.2.8

  • Apple Cups 1.2.9

  • Apple Cups 1.3

  • Apple Cups 1.3.0

  • Apple Cups 1.3.1

  • Apple Cups 1.3.10

  • Apple Cups 1.3.11

  • Apple Cups 1.3.2

  • Apple Cups 1.3.3

  • Apple Cups 1.3.4

  • Apple Cups 1.3.5

  • Apple Cups 1.3.6

  • Apple Cups 1.3.7

  • Apple Cups 1.3.8

  • Apple Cups 1.3.9

  • Apple Cups 1.4

  • Apple Cups 1.4.0

  • Apple Cups 1.4.1

  • Apple Cups 1.4.2

  • Apple Cups 1.4.3

  • Apple Cups 1.4.4

  • Apple Cups 1.4.5

  • Apple Cups 1.4.6

  • Gnu Gimp 1.0.4

  • Gnu Gimp 1.2.5

  • Gnu Gimp 2.0.0

  • Gnu Gimp 2.0.1

  • Gnu Gimp 2.0.2

  • Gnu Gimp 2.0.3

  • Gnu Gimp 2.0.4

  • Gnu Gimp 2.0.5

  • Gnu Gimp 2.0.6

  • Gnu Gimp 2.2.0

  • Gnu Gimp 2.2.1

  • Gnu Gimp 2.2.10

  • Gnu Gimp 2.2.11

  • Gnu Gimp 2.2.12

  • Gnu Gimp 2.2.13

  • Gnu Gimp 2.2.14

  • Gnu Gimp 2.2.15

  • Gnu Gimp 2.2.16

  • Gnu Gimp 2.2.17

  • Gnu Gimp 2.2.2

  • Gnu Gimp 2.2.3

  • Gnu Gimp 2.2.4

  • Gnu Gimp 2.2.5

  • Gnu Gimp 2.2.6

  • Gnu Gimp 2.2.7

  • Gnu Gimp 2.2.8

  • Gnu Gimp 2.2.9

  • Gnu Gimp 2.4.0

  • Gnu Gimp 2.4.1

  • Gnu Gimp 2.4.2

  • Gnu Gimp 2.4.3

  • Gnu Gimp 2.4.4

  • Gnu Gimp 2.4.5

  • Gnu Gimp 2.4.6

  • Gnu Gimp 2.4.7

  • Gnu Gimp 2.6.0

  • Gnu Gimp 2.6.1

  • Gnu Gimp 2.6.10

  • Gnu Gimp 2.6.11

  • Gnu Gimp 2.6.2

  • Gnu Gimp 2.6.3

  • Gnu Gimp 2.6.4

  • Gnu Gimp 2.6.5

  • Gnu Gimp 2.6.6

  • Gnu Gimp 2.6.7

  • Gnu Gimp 2.6.8

  • Gnu Gimp 2.6.9

  • Swi-prolog 2.7.14

  • Swi-prolog 2.7.15

  • Swi-prolog 2.7.19

  • Swi-prolog 2.8.2

  • Swi-prolog 2.9.11

  • Swi-prolog 2.9.7

  • Swi-prolog 2.9.9

  • Swi-prolog 3.1.2

  • Swi-prolog 3.2.8

  • Swi-prolog 3.3.10

  • Swi-prolog 3.4.5

  • Swi-prolog 4.0.11

  • Swi-prolog 5.0.10

  • Swi-prolog 5.10.0

  • Swi-prolog 5.10.1

  • Swi-prolog 5.10.2

  • Swi-prolog 5.10.3

  • Swi-prolog 5.10.4

  • Swi-prolog 5.2.13

  • Swi-prolog 5.4.7

  • Swi-prolog 5.6.50

  • Swi-prolog 5.6.51

  • Swi-prolog 5.6.52

  • Swi-prolog 5.6.53

  • Swi-prolog 5.6.54

  • Swi-prolog 5.6.55

  • Swi-prolog 5.6.56

  • Swi-prolog 5.6.57

  • Swi-prolog 5.6.58

  • Swi-prolog 5.6.59

  • Swi-prolog 5.6.61

  • Swi-prolog 5.6.62

  • Swi-prolog 5.6.63

  • Swi-prolog 5.6.64

  • Swi-prolog 5.8.0

  • Swi-prolog 5.8.1

  • Swi-prolog 5.8.2

  • Swi-prolog 5.8.3


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=727800

MLIST - [oss-security] 20110810 LZW decompression issues

CONFIRM - http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc

CONFIRM - http://cups.org/str.php?L3867

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=730338

UBUNTU - USN-1214-1

UBUNTU - USN-1207-1

CONFIRM - http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4

SECTRACK - 1025929

BID - 49148

MANDRIVA - MDVSA-2011:146

SECUNIA - 46024

SECUNIA - 45948

SECUNIA - 45945

SECUNIA - 45900

SECUNIA - 45621

FEDORA - FEDORA-2011-11229

FEDORA - FEDORA-2011-11221

FEDORA - FEDORA-2011-11318

FEDORA - FEDORA-2011-11305

FEDORA - FEDORA-2011-11173

FEDORA - FEDORA-2011-11197

REDHAT - RHSA-2011:1635

MANDRIVA - MDVSA-2011:167

DEBIAN - DSA-2354

REDHAT - RHSA-2012:1181

REDHAT - RHSA-2012:1180

GENTOO - GLSA-201209-23

SECUNIA - 50737

Related Patches

Red Hat 2012:0302-03 RHSA Low: cups security and bug fix update for RHEL 5 x86

Red Hat 2012:0302-03 RHSA Low: cups security and bug fix update for RHEL 5 x86_64

Red Hat 2012:1181-01 RHSA Moderate: gimp security update for RHEL 5 x86

Red Hat 2012:1181-01 RHSA Moderate: gimp security update for RHEL 5 x86_64

Novell SUSE 2011:5180 cups security update for SLE 11 SP1 i586

Novell SUSE 2011:7775 cups security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:57:21