FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cups-filters -- buffer overflow in texttopdf size allocation

Affected packages
cups-filters < 1.0.70


VuXML ID b19da422-1e02-11e5-b43d-002590263bf5
Discovery 2015-06-26
Entry 2015-06-29

Stefan Cornelius from Red Hat reports:

A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute arbitrary code.

Till Kamppeter reports:

texttopdf: Fixed buffer overflow on size allocation of texttopdf when working with extremely small line sizes, which causes the size calculation to result in 0 (CVE-2015-3258, thanks to Stefan Cornelius from Red Hat for the patch).


CVE Name CVE-2015-3258