Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:CUPS:JBIG2-SYMBOLDICTIONARY

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 CUPS JBIG2 Symbol Dictionary Buffer Overflow

Release Date

 2011/07/21

Update Number

 1959

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: CUPS JBIG2 Symbol Dictionary Buffer Overflow


This signature detects attempts to exploit a known vulnerability in CUPS and Xpdf products. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

CUPS and Xpdf are prone to a remote buffer-overflow vulnerability because they fail to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions. The following are vulnerable; other applications or versions may also be affected: Xpdf 3.02pl2 and earlier CUPS 1.3.9 and earlier NOTE: This vulnerability may already be covered in BID 34568 (Xpdf JBIG2 Processing Multiple Security Vulnerabilities). We will update (or possibly retire) this BID as more information emerges.

Affected Products

  • Easy_software_products cups 1.0.4
  • Easy_software_products cups 1.0.4 -8
  • Easy_software_products cups 1.1.1
  • Easy_software_products cups 1.1.10
  • Easy_software_products cups 1.1.12
  • Easy_software_products cups 1.1.13
  • Easy_software_products cups 1.1.14
  • Easy_software_products cups 1.1.15
  • Easy_software_products cups 1.1.16
  • Easy_software_products cups 1.1.17
  • Easy_software_products cups 1.1.18
  • Easy_software_products cups 1.1.19
  • Easy_software_products cups 1.1.19 Rc5
  • Easy_software_products cups 1.1.20
  • Easy_software_products cups 1.1.21
  • Easy_software_products cups 1.1.22
  • Easy_software_products cups 1.1.22 Rc1
  • Easy_software_products cups 1.1.23
  • Easy_software_products cups 1.1.23 Rc1
  • Easy_software_products cups 1.1.4
  • Easy_software_products cups 1.1.4 -2
  • Easy_software_products cups 1.1.4 -3
  • Easy_software_products cups 1.1.4 -5
  • Easy_software_products cups 1.1.6
  • Easy_software_products cups 1.1.7
  • Easy_software_products cups 1.2.10
  • Easy_software_products cups 1.2.12
  • Easy_software_products cups 1.2.2
  • Easy_software_products cups 1.2.4
  • Easy_software_products cups 1.2.8
  • Easy_software_products cups 1.2.9
  • Easy_software_products cups 1.3.2
  • Easy_software_products cups 1.3.3
  • Easy_software_products cups 1.3.5
  • Easy_software_products cups 1.3.6
  • Easy_software_products cups 1.3.7
  • Easy_software_products cups 1.3.8
  • Easy_software_products cups 1.3.9
  • Gnome gpdf 2.8.2
  • Mandriva corporate_server 3.0.0
  • Mandriva corporate_server 3.0.0 X86 64
  • Mandriva corporate_server 4.0
  • Mandriva corporate_server 4.0.0 X86 64
  • Mandriva enterprise_server 5
  • Mandriva enterprise_server 5 X86 64
  • Mandriva linux_mandrake 2008.0
  • Mandriva linux_mandrake 2008.0 X86 64
  • Mandriva linux_mandrake 2009.0
  • Mandriva linux_mandrake 2009.0 X86 64
  • Mandriva multi_network_firewall 2.0.0
  • Pardus linux_2008
  • Red_hat enterprise_linux 5 Server
  • Red_hat enterprise_linux Desktop Version 4
  • Red_hat enterprise_linux_as 4
  • Red_hat enterprise_linux_desktop 5 Client
  • Red_hat enterprise_linux_desktop_workstation 5 Client
  • Red_hat enterprise_linux_es 4
  • Red_hat enterprise_linux_ws 4
  • Red_hat fedora 11
  • Ubuntu ubuntu_linux 9.04 Amd64
  • Ubuntu ubuntu_linux 9.04 I386
  • Ubuntu ubuntu_linux 9.04 Lpia
  • Ubuntu ubuntu_linux 9.04 Powerpc
  • Ubuntu ubuntu_linux 9.04 Sparc
  • Xpdf xpdf 3.0.0 0
  • Xpdf xpdf 3.0.0 1
  • Xpdf xpdf 3.0.0 1Pl1
  • Xpdf xpdf 3.0.0 Pl2
  • Xpdf xpdf 3.0.0 Pl3
  • Xpdf xpdf 3.01
  • Xpdf xpdf 3.0.1 (Patch 2)
  • Xpdf xpdf 3.02
  • Xpdf xpdf 3.02Pl1
  • Xpdf xpdf 3.02Pl2

References

  • BugTraq: 34791
  • CVE: CVE-2009-0195

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out