Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1218297 | Issue Tracking |
http://www.openwall.com/lists/oss-security/2016/02/15/7 | Third Party Advisory |
https://bugs.linuxfoundation.org/show_bug.cgi?id=515 | |
http://rhn.redhat.com/errata/RHSA-2016-0491.html | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/02/15/1 | Third Party Advisory |
http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog | Patch Vendor Advisory |
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2016-04-15 07:59
Updated : 2019-12-27 08:08
NVD link : CVE-2010-5325
Mitre link : CVE-2010-5325
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_hpc_node
- enterprise_linux_workstation
- enterprise_linux
- enterprise_linux_server_eus
- enterprise_linux_server
linuxfoundation
- foomatic-filters
oracle
- linux