|Summary:||pbm2l2030: Stack-based buffer overflow when reading PBM stream lines during image printing|
|Product:||[Other] Security Response||Reporter:||Jan Lieskovsky <jlieskov>|
|Component:||vulnerability||Assignee:||Red Hat Product Security <security-response-team>|
|Status:||CLOSED WONTFIX||QA Contact:|
|Version:||unspecified||CC:||dkholia, security-response-team, twaugh|
|Target Milestone:||---||Keywords:||Patch, Security|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2016-06-01 09:15:16 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:|
Description Jan Lieskovsky 2013-02-06 17:06:26 UTC
A stack-based buffer overflow flaw was found in the way pbm2l2030, a filter to convert raw Portable Bitmap Format (PBM) image data to the printer language of Lexmark 2030 printers, performed reading of PBM stream line data during image printing / conversion. A remote attacker could provide a specially-crafted PBM image file that, when processed by the filter, would lead to pbm2l2030 executable crash or, potentially, arbitrary code execution with the privileges of the user running the pbm2l2030 binary. This issue was discovered by Murray McAllister of Red Hat Security Response Team.
Comment 1 Jan Lieskovsky 2013-02-06 17:11:26 UTC
This issue affects the version of the pbm2l2030 package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the pbm2l2030 package, as shipped with Fedora release of 16, 17, and 18.