CVE-2008-3641

N/A Unknown
Published: October 10, 2008 Modified: April 23, 2026
View on NVD

Description

The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Source: cve@mitre.org
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
Source: cve@mitre.org
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
Source: cve@mitre.org
http://secunia.com/advisories/32084
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32222
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32226
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32284
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32292
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32316
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/32331
Source: cve@mitre.org
http://secunia.com/advisories/33085
Source: cve@mitre.org
http://secunia.com/advisories/33111
Source: cve@mitre.org
http://secunia.com/advisories/33568
Source: cve@mitre.org
http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1
Source: cve@mitre.org
http://support.apple.com/kb/HT3216
Source: cve@mitre.org
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm
Source: cve@mitre.org
http://www.cups.org/articles.php?L575
Source: cve@mitre.org
http://www.cups.org/str.php?L2911
Source: cve@mitre.org
Exploit
http://www.debian.org/security/2008/dsa-1656
Source: cve@mitre.org
http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDVSA-2008:211
Source: cve@mitre.org
http://www.redhat.com/support/errata/RHSA-2008-0937.html
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/497221/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/31681
Source: cve@mitre.org
Patch
http://www.securityfocus.com/bid/31688
Source: cve@mitre.org
http://www.securitytracker.com/id?1021031
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2008/2780
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2008/2782
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2008/3401
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/1568
Source: cve@mitre.org
http://www.zerodayinitiative.com/advisories/ZDI-08-067
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/45779
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666
Source: cve@mitre.org
https://usn.ubuntu.com/656-1/
Source: cve@mitre.org
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html
Source: cve@mitre.org
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html
Source: cve@mitre.org
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32084
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32222
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32226
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32284
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32292
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32316
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/32331
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33085
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33111
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33568
Source: af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3216
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-470.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.cups.org/articles.php?L575
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.cups.org/str.php?L2911
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.debian.org/security/2008/dsa-1656
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2008:211
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0937.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/497221/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31681
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/31688
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1021031
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2780
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2782
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/3401
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/1568
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.zerodayinitiative.com/advisories/ZDI-08-067
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/45779
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9666
Source: af854a3a-2127-422b-91ae-364da2661108
https://usn.ubuntu.com/656-1/
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html
Source: af854a3a-2127-422b-91ae-364da2661108

72 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
55.2%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

apple

Related CVEs

CVE-2026-41279 N/A
CVE-2026-41278 N/A
CVE-2026-41277 N/A
CVE-2026-41276 N/A
CVE-2026-41275 N/A