Integer Overflow Vulnerability in CUPS 1.1.17 on Red Hat Enterprise Linux
CVE-2009-0577

Currently unrated

Key Information:

Vendor: Apple
Status: Cups
Vendor: CVE Published:; 20 February 2009

Summary

An integer overflow in the WriteProlog function of CUPS 1.1.17 on Red Hat Enterprise Linux 3 enables remote attackers to exploit a crafted PostScript file, resulting in a heap-based buffer overflow. This vulnerability potentially allows for the execution of arbitrary code, which can have severe implications for system integrity and security. The flaw arises from an inadequate fix for a previous vulnerability, highlighting the importance of thorough testing and patch implementation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/48977

vdb-entryx_refsource_XF

http://secunia.com/advisories/33995

third-party-advisoryx_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 20, 2009
Vulnerability Reserved
Feb 13, 2009