Solution
Please Install the Updated Packages.
Insight
The Common UNIX® Printing System (CUPS) provides a portable printing layer for UNIX operating systems.
An integer overflow flaw, leading to a heap buffer overflow, was discovered in the Portable Network Graphics (PNG) decoding routines used by the CUPS image-converting filters, "
imagetops"
and "
imagetoraster"
. An attacker
could create a malicious PNG file that could, potentially, execute arbitrary code as the "
lp"
user if the file was printed. (CVE-2008-5286)
CUPS users should upgrade to these updated packages, which contain a backported patch to correct this issue.
Affected
cups on Red Hat Enterprise Linux AS version 3,
Red Hat Enterprise Linux ES version 3,
Red Hat Enterprise Linux WS version 3
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-5286 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities