CVE-2008-3641

Description

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

How to fix CVE-2008-3641

To remediate CVE-2008-3641, upgrade the affected package to a fixed version below.

• Debian/cups—upgrade to 1.3.8-1lenny2 or later

Is CVE-2008-3641 being exploited?

Moderate — EPSS is 47.3%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 1.3.8-1lenny2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-3641