CVE-2008-1373
cupsys - buffer overflow
EPSS 7.5%
Description
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
How to fix CVE-2008-1373
To remediate CVE-2008-1373, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.3.7-1 or later
- Debian/cupsys—upgrade to 1.3.6-3+lenny1 or later
Is CVE-2008-1373 being exploited?
Moderate — EPSS is 7.5%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.3.7-1
- from 0, < 1.3.6-3+lenny1