Mandriva Linux Security Advisory 2009:281: cups
-
- 29
Article Source Mandriva Linux Security Advisories
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2
and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a
crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)
JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap
(CVE-2009-0146, CVE-2009-0147).
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
earlier allows remote attackers to cause a denial of service (daemon
crash) and possibly execute arbitrary code via a crafted TIFF image,
which is not properly handled by the (1) _cupsImageReadTIFF function
in the imagetops filter and (2) imagetoraster filter, leading to a
heap-based buffer overflow (CVE-2009-0163).
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier,
as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to g*allocn (CVE-2009-0165).
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
and other products allows remote attackers to cause a denial of service
(crash) via a crafted PDF file that triggers a free of uninitialized
memory (CVE-2009-0166).
Multiple integer overflows in the pdftops filter in CUPS 1.1.17,
1.1.22, and 1.3.7 allow remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
PDF file that triggers a heap-based buffer overflow, possibly
related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c,
(4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE:
the JBIG2Stream.cxx vector may overlap CVE-2009-1179 (CVE-2009-0791).
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10
does not properly initialize memory for IPP request packets, which
allows remote attackers to cause a denial of service (NULL pointer
dereference and daemon crash) via a scheduler request with two
consecutive IPP_TAG_UNSUPPORTED tags (CVE-2009-0949).
Two integer overflow flaws were found in the CUPS pdftops filter. An
attacker could create a malicious PDF file that would cause pdftops
to crash or, potentially, execute arbitrary code as the lp user if
the file was printed. (CVE-2009-3608, CVE-2009-3609)
Article Source Mandriva Linux Security Advisories Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2and earlier, CUPS 1.3.9 and earlier, and other products allowremote attackers to cause a denial of service (crash) via acrafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap(CVE-2009-0146, CVE-2009-0147). Integer overflow in the TIFF…
Article Source Mandriva Linux Security Advisories Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2and earlier, CUPS 1.3.9 and earlier, and other products allowremote attackers to cause a denial of service (crash) via acrafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap(CVE-2009-0146, CVE-2009-0147). Integer overflow in the TIFF…