CVE-2011-3170
EPSS 9.1%發布日:2011/8/19修改日:2026/4/28
描述
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.
受影響套件(1)
- Debian/cupsfrom 0, < 1.5.0-8