CVE-2009-0163

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.

🔗 References (38)

• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
• cve@mitrehttp://secunia.com/advisories/34481
• cve@mitrehttp://secunia.com/advisories/34722
• cve@mitrehttp://secunia.com/advisories/34747
• cve@mitrehttp://secunia.com/advisories/34756
• cve@mitrehttp://secunia.com/advisories/34852
• cve@mitrehttp://security.gentoo.org/glsa/glsa-200904-20.xml
• cve@mitrehttp://wiki.rpath.com/Advisories:rPSA-2009-0061
• cve@mitrehttp://www.cups.org/articles.php?L582
• cve@mitrehttp://www.cups.org/str.php?L3031
• cve@mitrehttp://www.debian.org/security/2009/dsa-1773
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2009-0428.html
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2009-0429.html
• cve@mitrehttp://www.securityfocus.com/archive/1/502750/100/0/threaded
• cve@mitrehttp://www.securityfocus.com/bid/34571