Moderate

CVE-2009-0163 - Numeric Errors vulnerability in Apple Cups

Publication: 2009-04-23
Summary

Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.

Classification
CWE-189: Numeric Errors

Risk level (CVSS 6.8)

Moderate

6.8

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Apple Cups 1.1
  • Apple Cups 1.1.1
  • Apple Cups 1.1.2
  • Apple Cups 1.1.3
  • Apple Cups 1.1.4
  • Apple Cups 1.1.5
  • Apple Cups 1.1.6
  • Apple Cups 1.1.7
  • Apple Cups 1.1.8
  • Apple Cups 1.1.9
  • Apple Cups 1.1.10
  • Apple Cups 1.1.11
  • Apple Cups 1.1.12
  • Apple Cups 1.1.13
  • Apple Cups 1.1.14
  • Apple Cups 1.1.15
  • Apple Cups 1.1.16
  • Apple Cups 1.1.17
  • Apple Cups 1.1.18
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.19
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.20
  • Apple Cups 1.1.6-1
  • Apple Cups 1.1.10-1
  • Apple Cups 1.1.6-2
  • Apple Cups 1.1.6-3
  • Apple Cups 1.1.5-1
  • Apple Cups 1.1.5-2
  • Apple Cups 1.1.21
  • Apple Cups 1.1.9-1
  • Apple Cups 1.1.21
  • Apple Cups 1.1.21
  • Apple Cups 1.1.22
  • Apple Cups 1.1.22
  • Apple Cups 1.1.22
  • Apple Cups 1.1.23
  • Apple Cups 1.1.23
  • Apple Cups 1.2
  • Apple Cups 1.2
  • Apple Cups 1.2
  • Apple Cups 1.2
  • Apple Cups 1.2.0
  • Apple Cups 1.2
  • Apple Cups 1.2.1
  • Apple Cups 1.2.2
  • Apple Cups 1.2.3
  • Apple Cups 1.2.4
  • Apple Cups 1.2.5
  • Apple Cups 1.2.6
  • Apple Cups 1.2.7
  • Apple Cups 1.2.8
  • Apple Cups 1.2.9
  • Apple Cups 1.2.10
  • Apple Cups 1.2.11
  • Apple Cups 1.2.12
  • Apple Cups 1.3
  • Apple Cups 1.3
  • Apple Cups 1.3
  • Apple Cups 1.3.0
  • Apple Cups 1.3.1
  • Apple Cups 1.3.2
  • Apple Cups 1.3.3
  • Apple Cups 1.3.4
  • Apple Cups 1.3.5
  • Apple Cups 1.3.6
  • Apple Cups 1.3.7
  • Apple Cups 1.3.8
  • Apple Cups 1.3.9