CVE-2008-0053

Impact:
Moderate
Public Date:
2008-03-18
Bugzilla:
438117: CVE-2008-0053 cups: buffer overflows in HP-GL/2 filter

The MITRE CVE dictionary describes this issue as:

Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.

Find out more about CVE-2008-0053 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

NVD clarification:

To exploit this flaw an attacker needs to print a malicious file through the vulnerable filter (either themselves or by convincing a victim to do so), it should therefore be AC:M

In CUPS, print filters run as an unprivileged user no superuser (root), therefore this should be scored C:P, I:P, A:P

CVSS v2 metrics

Base Score 5.4
Base Metrics AV:A/AC:M/Au:N/C:P/I:P/A:P
Access Vector Adjacent Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (cups) RHSA-2008:0192 2008-04-01
Red Hat Enterprise Linux 4 (cups) RHSA-2008:0206 2008-04-01
Red Hat Enterprise Linux 3 (cups) RHSA-2008:0206 2008-04-01
Last Modified

CVE description copyright © 2017, The MITRE Corporation