Red Hat Bugzilla – Bug 732106
CVE-2011-3170 cups: gif_read_lzw() does not properly handle first code word in an LZW stream, which may lead to arbitrary code execution
Last modified: 2011-08-24 01:40:21 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3170 to
the following vulnerability:
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and
earlier does not properly handle the first code word in an LZW stream,
which allows remote attackers to trigger a heap-based buffer overflow,
and possibly execute arbitrary code, via a crafted stream, a different
vulnerability than CVE-2011-2896.
Created cups tracking bugs for this issue
Affects: fedora-all [bug 732107]
Fixed upstream in r9865.
This is what we have mentioned in bug #727800, comment #8. Sounds like an incomplete CVE-2011-2896 fix id to me.
Yes, I think you're right on that count.
Not affected. This flaw was introduced in CUPS due to an incomplete fix for CVE-2011-2896, which was not applied to any CUPS packages in Red Hat Enterprise Linux.
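The failure class named in the CVE description above, shown from the defensive side as an added example (not CUPS code and not the upstream r9865 change): a minimal GIF-style LZW decoder that rejects a first code word that is not a literal, since the string table is still empty at that point. The name `lzw_decode`, its signature, and the assumption that code words are already unpacked from the bit stream are illustrative.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_CODES 4096  /* GIF limits LZW codes to 12 bits */
/* Decode GIF-style LZW code words already unpacked from the bit stream
 * (an assumption of this sketch). Returns bytes written, or -1 if malformed. */
long lzw_decode(const uint16_t *codes, size_t n, int min_bits,
                uint8_t *out, size_t cap)
{
    uint16_t prefix[MAX_CODES];
    uint8_t suffix[MAX_CODES], stack[MAX_CODES];
    if (min_bits < 2 || min_bits > 8) return -1;
    const int clear = 1 << min_bits, end = clear + 1;
    int next = clear + 2, prev = -1, first = 0;
    size_t len = 0;

    for (size_t i = 0; i < n; i++) {
        int code = codes[i], cur = code;
        size_t sp = 0;
        if (code == clear) { next = clear + 2; prev = -1; continue; }
        if (code == end) break;
        if (prev < 0) {
            /* First code word after start or clear: the table holds no
             * strings yet, so anything but a literal is rejected. */
            if (code >= clear || len >= cap) return -1;
            out[len++] = (uint8_t)code;
            first = prev = code;
            continue;
        }
        if (code > next || code >= MAX_CODES) return -1; /* undefined entry */
        if (code == next) { stack[sp++] = (uint8_t)first; cur = prev; }
        while (cur >= clear) {              /* walk prefix chain to a literal */
            if (sp >= MAX_CODES - 1) return -1;
            stack[sp++] = suffix[cur];
            cur = prefix[cur];
        }
        first = cur;
        stack[sp++] = (uint8_t)cur;
        if (len + sp > cap) return -1;      /* never write past the output */
        while (sp > 0) out[len++] = stack[--sp];
        if (next < MAX_CODES) {             /* new entry: prev string + first */
            prefix[next] = (uint16_t)prev;
            suffix[next] = (uint8_t)first;
            next++;
        }
        prev = code;
    }
    return (long)len;
}
```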