CVE - CVE-2008-3641

CVE-ID
CVE-2008-3641	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2008-10-09 URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html BID:31681 URL:http://www.securityfocus.com/bid/31681 BID:31688 URL:http://www.securityfocus.com/bid/31688 BUGTRAQ:20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability URL:http://www.securityfocus.com/archive/1/497221/100/0/threaded CONFIRM:http://support.apple.com/kb/HT3216 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm CONFIRM:http://www.cups.org/articles.php?L575 CONFIRM:http://www.cups.org/str.php?L2911 DEBIAN:DSA-1656 URL:http://www.debian.org/security/2008/dsa-1656 FEDORA:FEDORA-2008-8801 URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html FEDORA:FEDORA-2008-8844 URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html GENTOO:GLSA-200812-11 URL:http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml MANDRIVA:MDVSA-2008:211 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:211~~ (Obsolete source) MISC:http://www.zerodayinitiative.com/advisories/ZDI-08-067 OVAL:oval:org.mitre.oval:def:9666 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666 REDHAT:RHSA-2008:0937 URL:http://www.redhat.com/support/errata/RHSA-2008-0937.html SECTRACK:1021031 URL:http://www.securitytracker.com/id?1021031 SECUNIA:32084 URL:http://secunia.com/advisories/32084 SECUNIA:32222 URL:http://secunia.com/advisories/32222 SECUNIA:32226 URL:http://secunia.com/advisories/32226 SECUNIA:32284 URL:http://secunia.com/advisories/32284 SECUNIA:32292 URL:http://secunia.com/advisories/32292 SECUNIA:32316 URL:http://secunia.com/advisories/32316 SECUNIA:32331 URL:http://secunia.com/advisories/32331 SECUNIA:33085 URL:http://secunia.com/advisories/33085 SECUNIA:33111 URL:http://secunia.com/advisories/33111 SECUNIA:33568 URL:http://secunia.com/advisories/33568 SUNALERT:261088 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1~~ (Obsolete source) SUSE:SUSE-SR:2008:021 URL:http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html SUSE:SUSE-SR:2009:002 URL:http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html UBUNTU:USN-656-1 URL:https://usn.ubuntu.com/656-1/ VUPEN:ADV-2008-2780 URL:~~http://www.vupen.com/english/advisories/2008/2780~~ (Obsolete source) VUPEN:ADV-2008-2782 URL:~~http://www.vupen.com/english/advisories/2008/2782~~ (Obsolete source) VUPEN:ADV-2008-3401 URL:~~http://www.vupen.com/english/advisories/2008/3401~~ (Obsolete source) VUPEN:ADV-2009-1568 URL:~~http://www.vupen.com/english/advisories/2009/1568~~ (Obsolete source) XF:cups-hpgl-code-execution(45779) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45779
Assigning CNA
MITRE Corporation
Date Record Created
20080812	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080812)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)