Vulnerability Details CVE-2002-1371
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.059
EPSS Ranking 90.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702
- http://marc.info/?l=bugtraq&m=104032149026670&w=2
- http://www.debian.org/security/2003/dsa-232
- http://www.idefense.com/advisory/12.19.02.txt
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
- http://www.novell.com/linux/security/advisories/2003_002_cups.html
- http://www.redhat.com/support/errata/RHSA-2002-295.html
- http://www.securityfocus.com/bid/6439
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10911
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702
- http://marc.info/?l=bugtraq&m=104032149026670&w=2
- http://www.debian.org/security/2003/dsa-232
- http://www.idefense.com/advisory/12.19.02.txt
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001
- http://www.novell.com/linux/security/advisories/2003_002_cups.html
- http://www.redhat.com/support/errata/RHSA-2002-295.html
- http://www.securityfocus.com/bid/6439
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10911
Products affected by CVE-2002-1371
-
cpe:2.3:a:easy_software_products:cups:1.0.4
-
cpe:2.3:a:easy_software_products:cups:1.0.4_8
-
cpe:2.3:a:easy_software_products:cups:1.1.1
-
cpe:2.3:a:easy_software_products:cups:1.1.10
-
cpe:2.3:a:easy_software_products:cups:1.1.13
-
cpe:2.3:a:easy_software_products:cups:1.1.14
-
cpe:2.3:a:easy_software_products:cups:1.1.17
-
cpe:2.3:a:easy_software_products:cups:1.1.4
-
cpe:2.3:a:easy_software_products:cups:1.1.4_2
-
cpe:2.3:a:easy_software_products:cups:1.1.4_3
-
cpe:2.3:a:easy_software_products:cups:1.1.4_5
-
cpe:2.3:a:easy_software_products:cups:1.1.6
-
cpe:2.3:a:easy_software_products:cups:1.1.7
-
cpe:2.3:o:apple:mac_os_x:10.2
-
cpe:2.3:o:apple:mac_os_x:10.2.2