Heap-based Buffer Overflow in CUPS Product by Apple
CVE-2011-3170

Currently unrated

Key Information:

Vendor

Apple
Status
Cups
Vendor
CVE Published:
19 August 2011

What is CVE-2011-3170?

The gif_read_lzw function within filter/image-gif.c of CUPS versions 1.4.8 and earlier is susceptible to a heap-based buffer overflow due to improper handling of the first code word in an LZW stream. This flaw can be exploited by remote attackers to potentially execute arbitrary code through a specially crafted LZW stream, exposing systems running affected versions of CUPS to serious security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ubuntu.com/usn/USN-1207-1
vendor-advisoryx_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=727800
x_refsource_CONFIRM
http://www.debian.org/security/2011/dsa-2354
vendor-advisoryx_refsource_DEBIAN

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.