Launchpad.net

CVE 2008-1373

Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.

Related bugs and status

CVE-2008-1373 (Candidate) is related to these bugs:

Bug #210718: CVE-2008-1373: CUPS GIF image filter overflow

		In	Importance	Status
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu)	High	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu Dapper)	Undecided	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu Edgy)	Undecided	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu Gutsy)	Undecided	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu Feisty)	Undecided	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Ubuntu Hardy)	High	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Gentoo Linux)	High	Fix Released
210718	CVE-2008-1373: CUPS GIF image filter overflow	cupsys (Fedora)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.cups.org/st...
GENTOO: GLSA-200804-01
REDHAT: RHSA-2008:0192
REDHAT: RHSA-2008:0206
BID: 28544
SECTRACK: 1019739
SECUNIA: 29634
CONFIRM: http://wiki.rpath.com/...
MANDRIVA: MDVSA-2008:081
UBUNTU: USN-598-1
SECUNIA: 29661
SECUNIA: 29573
SECUNIA: 29603
SECUNIA: 29630
SECUNIA: 29655
FEDORA: FEDORA-2008-2131
FEDORA: FEDORA-2008-2897
SUSE: SUSE-SA:2008:020
SECUNIA: 29750
SECUNIA: 29659
DEBIAN: DSA-1625
SECUNIA: 31324
VUPEN: ADV-2008-1059
XF: cups-gifreadlzw-bo(41587)
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080404 rPSA-2008-013...