Apple CUPS gif_read_lzw Heap Buffer Overflow (CVE-2011-3170)
| Check Point Reference: | CPAI-2011-431 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory 45796 | |
| Industry Reference(s): | CVE-2011-3170 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Apple Computer Common UNIX Printing System (CUPS) 1.4.8 and prior. Other Products Embedding the Vulnerable Product: Apple Computer Mac OS X Apple Computer Mac OS X Server Debian Project Debian GNU/Linux Novell SuSE LINUX Red Hat Enterprise Linux Ubuntu Linux | ||
| Vulnerability Description A remote code execution vulnerability has been reported in Apple Common UNIX Printing System (CUPS). |
||
|
Vulnerability Details The vulnerability is due to insufficient validation error while processing image data in GIF files. A remote attacker may exploit this vulnerability by enticing a user to open a specially crafted GIF file. Successful exploitation would allow an attacker to execute arbitrary code on the system, in the security context of the logged on user. An unsuccessful code execution could terminate the application, resulting in a denial of service condition. |
Protection Overview
This protection will detect and block attempts to transfer malicious GIF files.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.