CVE-2010-3441

Description

Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line.

How to fix CVE-2010-3441

To remediate CVE-2010-3441, upgrade the affected package to a fixed version below.

• Debian/abcm2ps—upgrade to 5.9.13-0.1 or later

Is CVE-2010-3441 being exploited?

Moderate — EPSS is 5.8%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 5.9.13-0.1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2010-3441