Candidate: CVE-2009-0163
PublicDate: 2009-04-23 17:30:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0163
 https://ubuntu.com/security/notices/USN-760-1
Description:
 Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
 earlier allows remote attackers to cause a denial of service (daemon crash)
 and possibly execute arbitrary code via a crafted TIFF image, which is not
 properly handled by the (1) _cupsImageReadTIFF function in the imagetops
 filter and (2) imagetoraster filter, leading to a heap-based buffer
 overflow.
Ubuntu-Description: 
Notes: 
 kees> cups/CVE-2009-0163.patch
 jdstrand> without a reproducer, AFAICS cups with libtiff should be vulnerable
  as libtiff doesn't error out on images with a height (ImageLength) larger
  than 0x3fffffff (2^30-1)
Bugs: 
Priority: medium
Discovered-by: 
Assigned-to: jdstrand
CVSS: 

Patches_cups:
Tags_cups_intrepid: apparmor
upstream_cups: needs-triage
dapper_cups: DNE
gutsy_cups: DNE
hardy_cups: DNE
intrepid_cups: released (1.3.9-2ubuntu9.1)
devel_cups: released (1.3.9-17ubuntu1)

Patches_cupsys:
upstream_cupsys: needs-triage
Tags_cupsys_gutsy: apparmor
Tags_cupsys_hardy: apparmor
dapper_cupsys: released (1.2.2-0ubuntu0.6.06.13)
gutsy_cupsys: released (1.3.2-1ubuntu7.10)
hardy_cupsys: released (1.3.7-1ubuntu3.4)
intrepid_cupsys: DNE
devel_cupsys: DNE