Integer Overflow in CUPS Product Affects Image Processing Capabilities
CVE-2009-0163

Currently unrated

Key Information:

Vendor

Apple
Status
Cups
Vendor
CVE Published:
23 April 2009

What is CVE-2009-0163?

An integer overflow vulnerability exists in the TIFF image decoding routines of CUPS versions 1.3.9 and earlier. This flaw can be exploited by remote attackers to trigger a denial of service through a crafted TIFF image. The flawed handling of the image within the _cupsImageReadTIFF function in the imagetops filter and the imagetoraster filter may lead to a heap-based buffer overflow, potentially allowing attackers to execute arbitrary code, impacting system integrity and availability.

References

http://security.gentoo.org/glsa/glsa-200904-20.xml
vendor-advisoryx_refsource_GENTOO
http://www.cups.org/articles.php?L582
x_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-760-1
vendor-advisoryx_refsource_UBUNTU

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.