CVE-2008-3641

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

Link	Resource
http://www.securityfocus.com/bid/31681	Patch
http://www.cups.org/str.php?L2911	Exploit
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html	Vendor Advisory
http://secunia.com/advisories/32084	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:211
http://secunia.com/advisories/32226	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0937.html
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/32316	Vendor Advisory
http://www.securityfocus.com/bid/31688
http://support.apple.com/kb/HT3216	Vendor Advisory
http://secunia.com/advisories/32222	Vendor Advisory
http://www.securitytracker.com/id?1021031
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html
http://secunia.com/advisories/32292	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-067
http://secunia.com/advisories/32284	Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html
http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml
http://www.debian.org/security/2008/dsa-1656
http://secunia.com/advisories/33568
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm
http://secunia.com/advisories/33085
http://secunia.com/advisories/33111
http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1
http://www.vupen.com/english/advisories/2009/1568
http://www.vupen.com/english/advisories/2008/3401
http://www.cups.org/articles.php?L575
http://www.vupen.com/english/advisories/2008/2782
http://www.vupen.com/english/advisories/2008/2780
http://secunia.com/advisories/32331
https://exchange.xforce.ibmcloud.com/vulnerabilities/45779
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666
https://usn.ubuntu.com/656-1/
http://www.securityfocus.com/archive/1/497221/100/0/threaded

Configuration 1

cpe:2.3:a:apple:cups:1.1.20:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5-2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.14:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.18:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.12:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.16:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.23:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.15:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.17:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc6:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:b1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.9:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.10:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.23:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:b1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc4:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.4:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.13:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc4:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.9-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.12:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:b2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6-3:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc5:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.9:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.7:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc5:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.10:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.11:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.22:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.21:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3:rc1:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.11:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.10-1:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.3.6:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc2:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.20:rc3:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.2.5:*:*:*:*:*:*:* cpe:2.3:a:apple:cups:1.1.19:rc2:*:*:*:*:*:*

---

Published : 2008-10-10 10:30

Updated : 2018-10-11 08:48

---

NVD link : CVE-2008-3641

Mitre link : CVE-2008-3641

No products.

CWE-399