USN-760-1: CUPS vulnerability
16 April 2009
- cups -
- cupsys -
It was discovered that CUPS did not properly check the height of TIFF images.
If a user or automated system were tricked into opening a crafted TIFF image
file, a remote attacker could cause a denial of service or possibly execute
arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10,
attackers would be isolated by the AppArmor CUPS profile.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system upgrade is sufficient to effect the