Oval Definition:	oval:org.mitre.oval:def:11464
Revision Date: 2013-04-29 Version: 12 Title: Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. Description: Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-3639 Platform(s): CentOS Linux 3 CentOS Linux 4 CentOS Linux 5 Oracle Linux 4 Oracle Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Product(s): Definition Synopsis OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 OR CentOS Linux 3.x AND Configuration section cups-devel is earlier than 1:1.1.17-13.3.54 OR cups is earlier than 1:1.1.17-13.3.54 OR cups-libs is earlier than 1:1.1.17-13.3.54 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 OR CentOS Linux 4.x OR Oracle Linux 4.x AND Configuration section cups-devel is earlier than 1:1.1.22-0.rc1.9.27.el4_7.1 OR cups is earlier than 1:1.1.22-0.rc1.9.27.el4_7.1 OR cups-libs is earlier than 1:1.1.22-0.rc1.9.27.el4_7.1 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x OR Oracle Linux 5.x AND Configuration section cups-lpd is earlier than 1:1.2.4-11.18.el5_2.2 OR cups-devel is earlier than 1:1.2.4-11.18.el5_2.2 OR cups is earlier than 1:1.2.4-11.18.el5_2.2 OR cups-libs is earlier than 1:1.2.4-11.18.el5_2.2
BACK