CVE-2008-5286
EPSS 8.3%cupsys - arbitrary code execution
發布日:2008/12/1修改日:2026/4/28
描述
Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow.
受影響套件(2)
- Debian/cupsfrom 0, < 1.3.8-1lenny4
- Debian/cupsysfrom 0, < 1.2.7-4etch6