CVE-2008-1722

Published: 10 April 2008

Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.

Priority

Status

Package	Release	Status
cupsys Launchpad, Ubuntu, Debian	dapper	Released (1.2.2-0ubuntu0.6.06.9)
	edgy	Ignored (end of life, was needed)
	feisty	Released (1.2.8-0ubuntu8.4)
	gutsy	Released (1.3.2-1ubuntu7.7)
	hardy	Released (1.3.7-1ubuntu3)
	upstream	Pending
	Patches: upstream: http://www.cups.org/strfiles/2790/str2790.patch

References

https://ubuntu.com/security/notices/USN-606-1
https://www.cve.org/CVERecord?id=CVE-2008-1722
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/219491

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›