FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cups-filters -- buffer overflow in texttopdf size allocation

Affected packages
cups-filters < 1.0.70

Details

VuXML ID b19da422-1e02-11e5-b43d-002590263bf5
Discovery 2015-06-26
Entry 2015-06-29

Stefan Cornelius from Red Hat reports:

A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute arbitrary code.

[source]

Till Kamppeter reports:

texttopdf: Fixed buffer overflow on size allocation of texttopdf when working with extremely small line sizes, which causes the size calculation to result in 0 (CVE-2015-3258, thanks to Stefan Cornelius from Red Hat for the patch).

[source]

References

CVE Name CVE-2015-3258
Message http://www.openwall.com/lists/oss-security/2015/06/26/4
URL http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7363

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.