Vulnerabilities

CVE-2011-3170

by Fred · 19/08/2011

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.

Date published : 2011-08-19

http://www.securityfocus.com/bid/49323

http://cups.org/str.php?L3914

Similar

Tags: Cybersecurity Alert