CVE-2009-0163

Priority
Description
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
earlier allows remote attackers to cause a denial of service (daemon crash)
and possibly execute arbitrary code via a crafted TIFF image, which is not
properly handled by the (1) _cupsImageReadTIFF function in the imagetops
filter and (2) imagetoraster filter, leading to a heap-based buffer
overflow.
Assigned-to
jdstrand
Notes
kees: cups/CVE-2009-0163.patch
jdstrand: without a reproducer, AFAICS cups with libtiff should be vulnerable
as libtiff doesn't error out on images with a height (ImageLength) larger
than 0x3fffffff (2^30-1)
Package
Source: cups (LP Ubuntu Debian)
Upstream: needs-triage
Package
Upstream: needs-triage

Updated: 2020-09-10 01:06:08 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)