Lucene search

[email protected]CVE-2008-3639

HistoryOct 14, 2008 - 9:10 p.m.

CVE-2008-3639

2008-10-1421:10:35

CWE-119

[email protected]

web.nvd.nist.gov

cups

buffer overflow

imagetops

security vulnerability

cve-2008-3639

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.812 High

EPSS

Percentile

98.4%

JSON

Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.

Affected configurations

NVD

Node

applecupsRange≤1.3.8

applecupsMatch1.1

applecupsMatch1.1.1

applecupsMatch1.1.2

applecupsMatch1.1.3

applecupsMatch1.1.4

applecupsMatch1.1.5

applecupsMatch1.1.5-1

applecupsMatch1.1.5-2

applecupsMatch1.1.6

applecupsMatch1.1.6-1

applecupsMatch1.1.6-2

applecupsMatch1.1.6-3

applecupsMatch1.1.7

applecupsMatch1.1.8

applecupsMatch1.1.9

applecupsMatch1.1.9-1

applecupsMatch1.1.10

applecupsMatch1.1.10-1

applecupsMatch1.1.11

applecupsMatch1.1.12

applecupsMatch1.1.13

applecupsMatch1.1.14

applecupsMatch1.1.15

applecupsMatch1.1.16

applecupsMatch1.1.17

applecupsMatch1.1.18

applecupsMatch1.1.19

applecupsMatch1.1.19rc1

applecupsMatch1.1.19rc2

applecupsMatch1.1.19rc3

applecupsMatch1.1.19rc4

applecupsMatch1.1.19rc5

applecupsMatch1.1.20

applecupsMatch1.1.20rc1

applecupsMatch1.1.20rc2

applecupsMatch1.1.20rc3

applecupsMatch1.1.20rc4

applecupsMatch1.1.20rc5

applecupsMatch1.1.20rc6

applecupsMatch1.1.21

applecupsMatch1.1.21rc1

applecupsMatch1.1.21rc2

applecupsMatch1.1.22

applecupsMatch1.1.22rc1

applecupsMatch1.1.22rc2

applecupsMatch1.1.23

applecupsMatch1.1.23rc1

applecupsMatch1.2b1

applecupsMatch1.2b2

applecupsMatch1.2rc1

applecupsMatch1.2rc2

applecupsMatch1.2rc3

applecupsMatch1.2.0

applecupsMatch1.2.1

applecupsMatch1.2.2

applecupsMatch1.2.3

applecupsMatch1.2.4

applecupsMatch1.2.5

applecupsMatch1.2.6

applecupsMatch1.2.7

applecupsMatch1.2.8

applecupsMatch1.2.9

applecupsMatch1.2.10

applecupsMatch1.2.11

applecupsMatch1.2.12

applecupsMatch1.3b1

applecupsMatch1.3rc1

applecupsMatch1.3rc2

applecupsMatch1.3.0

applecupsMatch1.3.1

applecupsMatch1.3.2

applecupsMatch1.3.3

applecupsMatch1.3.4

applecupsMatch1.3.5

applecupsMatch1.3.6

applecupsMatch1.3.7

CPENameOperatorVersion
apple:cupsapple cupsle1.3.8
apple:cupsapple cupseq1.1
apple:cupsapple cupseq1.1.1
apple:cupsapple cupseq1.1.2
apple:cupsapple cupseq1.1.3
apple:cupsapple cupseq1.1.4
apple:cupsapple cupseq1.1.5
apple:cupsapple cupseq1.1.5-1
apple:cupsapple cupseq1.1.5-2
apple:cupsapple cupseq1.1.6

CPE	Name	Operator	Version
apple:cups	apple cups	le	1.3.8
apple:cups	apple cups	eq	1.1
apple:cups	apple cups	eq	1.1.1
apple:cups	apple cups	eq	1.1.2
apple:cups	apple cups	eq	1.1.3
apple:cups	apple cups	eq	1.1.4
apple:cups	apple cups	eq	1.1.5
apple:cups	apple cups	eq	1.1.5-1
apple:cups	apple cups	eq	1.1.5-2
apple:cups	apple cups	eq	1.1.6