Bug#535489: cups: CVE-2009-0791 integer overflow vulnerabilities
Tags: security , patch
the following CVE (Common Vulnerabilities & Exposures) id was
published for cups.
| Multiple integer overflows in the pdftops filter in CUPS 1.1.17,
| 1.1.22, and 1.3.7 allow remote attackers to cause a denial of service
| (application crash) or possibly execute arbitrary code via a crafted
| PDF file that triggers a heap-based buffer overflow, possibly related
| to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4)
| JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the
| JBIG2Stream.cxx vector may overlap CVE-2009-1179.
See redhat bug for patch .
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see: