Info

Disclosure

Mar 05, 2009

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Apr 16, 2009

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 1.3.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CVE ID: 2009-0164 (see also: NVD)
Bugtraq ID: 34665
Secunia Advisory ID: 35074
Vendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=263070
http://support.apple.com/kb/HT3549
http://wiki.rpath.com/Advisories:rPSA-2009-0061
http://www.cups.org/articles.php?L582
http://www.cups.org/str.php?L3118
https://bugzilla.redhat.com/show_bug.cgi?id=490597
Mail List Post: http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
Vendor Specific Solution URL: http://security.gentoo.org/glsa/glsa-200904-20.xml
Vendor Specific Advisory URL: http://support.apple.com/kb/HT1222
Other Advisory URL: http://www.vupen.com/english/advisories/2009/1297
CERT: TA09-133A

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/54461