FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-3641

This CVE name corresponds to:

Entered Topic
2008-10-10 cups -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-3641 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-3641
Phase Assigned(20080812)

Description

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

References

Source Reference
BUGTRAQ 20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability
MISC http://www.zerodayinitiative.com/advisories/ZDI-08-067
CONFIRM http://www.cups.org/articles.php?L575
CONFIRM http://www.cups.org/str.php?L2911
CONFIRM http://support.apple.com/kb/HT3216
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm
APPLE APPLE-SA-2008-10-09
DEBIAN DSA-1656
FEDORA FEDORA-2008-8801
FEDORA FEDORA-2008-8844
GENTOO GLSA-200812-11
MANDRIVA MDVSA-2008:211
REDHAT RHSA-2008:0937
SUNALERT 261088
SUSE SUSE-SR:2008:021
SUSE SUSE-SR:2009:002
UBUNTU USN-656-1
BID 31681
BID 31688
OVAL oval:org.mitre.oval:def:9666
SECUNIA 33085
SECUNIA 33111
SECUNIA 32331
VUPEN ADV-2008-2782
VUPEN ADV-2008-2780
VUPEN ADV-2008-3401
SECTRACK 1021031
SECUNIA 32084
SECUNIA 32226
SECUNIA 32316
SECUNIA 32284
SECUNIA 32292
SECUNIA 32222
SECUNIA 33568
VUPEN ADV-2009-1568
XF cups-hpgl-code-execution(45779)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.