This update has been rated as having important security impact by the Red Hat Security Response
Team.
The Common UNIX® Printing System (CUPS) provides a portable printing layer for UNIX operating
systems.
Multiple integer overflow flaws were found in the CUPS JBIG2 decoder. An attacker could create a
malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp"
user if the file was printed. (CVE-2009-0147, CVE-2009-1179)
Multiple buffer overflow flaws were found in the CUPS JBIG2 decoder. An attacker could create a
malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp"
user if the file was printed. (CVE-2009-0146, CVE-2009-1182)
Multiple flaws were found in the CUPS JBIG2 decoder that could lead to the freeing of arbitrary
memory. An attacker could create a malicious PDF file that would cause CUPS to crash or, potentially,
execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-0166, CVE-2009-1180)
Multiple input validation flaws were found in the CUPS JBIG2 decoder. An attacker could create a
malicious PDF file that would cause CUPS to crash or, potentially, execute arbitrary code as the "lp"
user if the file was printed. (CVE-2009-0800)
An integer overflow flaw, leading to a heap-based buffer overflow, was discovered in the Tagged
Image File Format (TIFF) decoding routines used by the CUPS image-converting filters, "imagetops"
and "imagetoraster". An attacker could create a malicious TIFF file that could, potentially, execute
arbitrary code as the "lp" user if the file was printed. (CVE-2009-0163)
Multiple denial of service flaws were found in the CUPS JBIG2 decoder. An attacker could
create a malicious PDF file that would cause CUPS to crash when printed. (CVE-2009-0799,
CVE-2009-1181, CVE-2009-1183)
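The TIFF flaw above is of the classic form where an image-dimension product wraps in 32-bit arithmetic, so the decoder allocates a buffer far smaller than the pixel data it then writes. The following is an added illustration, not CUPS code: a hypothetical size helper with the overflow check a decoder needs, beside the unchecked form, using constructed header values.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical helper (not from CUPS): compute width * height * bytes_per_pixel
 * for an image buffer, refusing any product that does not fit in 32 bits.
 * Returns 0 on overflow or on a zero dimension, which the caller treats as
 * "reject the image". */
uint32_t safe_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    if (width == 0 || height == 0 || bpp == 0)
        return 0;
    if (height > UINT32_MAX / width)
        return 0;                      /* width * height would wrap */
    uint32_t pixels = width * height;
    if (bpp > UINT32_MAX / pixels)
        return 0;                      /* pixels * bpp would wrap */
    return pixels * bpp;
}

/* The unchecked form that this class of bug corresponds to: unsigned
 * multiplication silently wraps, so a crafted header (e.g. 65537 x 65536)
 * yields a tiny allocation that the decoder later writes past. Shown only
 * for comparison with the checked helper. */
uint32_t unchecked_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Allocate a pixel buffer only when the size computation is sound;
 * returns NULL instead of ever under-allocating. */
unsigned char *alloc_image(uint32_t width, uint32_t height, uint32_t bpp)
{
    uint32_t n = safe_image_size(width, height, bpp);
    if (n == 0)
        return NULL;
    return calloc(n, 1);
}
```

With the constructed dimensions 65537 x 65536 x 1 the unchecked product wraps to 65536 bytes while the checked helper rejects the image outright.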
Red Hat would like to thank Aaron Sigel, Braden Thomas and Drew Yao of the Apple Product Security
team, and Will Dormann of the CERT/CC for responsibly reporting these flaws.
Users of cups are advised to upgrade to these updated packages, which contain backported patches
to correct these issues. After installing the update, the cupsd daemon will be restarted automatically.
208. https://www.redhat.com/security/data/cve/CVE-2009-0147.html
209. https://www.redhat.com/security/data/cve/CVE-2009-1179.html
210. https://www.redhat.com/security/data/cve/CVE-2009-0146.html
211. https://www.redhat.com/security/data/cve/CVE-2009-1182.html
212. https://www.redhat.com/security/data/cve/CVE-2009-0166.html
213. https://www.redhat.com/security/data/cve/CVE-2009-1180.html
214. https://www.redhat.com/security/data/cve/CVE-2009-0800.html
215. https://www.redhat.com/security/data/cve/CVE-2009-0163.html
216. https://www.redhat.com/security/data/cve/CVE-2009-0799.html
217. https://www.redhat.com/security/data/cve/CVE-2009-1181.html
218. https://www.redhat.com/security/data/cve/CVE-2009-1183.html
RHSA-2009:0429: Important security update