CVE-2008-3639

Published: 14 October 2008

Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.

Priority

Medium

Status

Package Release Status
cups
Launchpad, Ubuntu, Debian
Upstream
Released (1.3.9-1)
cupsys
Launchpad, Ubuntu, Debian
Upstream
Released (1.3.9-1)