Vulnerability Report

CVE-2011-2896

Title: Apple Cups RCE

Memory Corruption

Proof Of Concept

No public PoC currently indexed for CVE-2011-2896.

CWE Category CWE-787

Published Date Aug 19, 2011

Modified Date Apr 29, 2026

Exploit Status Not Found

Score 5.1 CVSS v2.0

Exploit Probability (EPSS)

7.22%

Vulnerability Summary

CVE-2011-2896: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

Impacted Vendors

easy_software_products 1

Reference Links

http://cups.org/str.php?L3867 http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html http://rhn.redhat.com/errata/RHSA-2012-1180.html http://rhn.redhat.com/errata/RHSA-2012-1181.html http://secunia.com/advisories/45621 http://secunia.com/advisories/45900 http://secunia.com/advisories/45945 http://secunia.com/advisories/45948 http://secunia.com/advisories/46024 http://secunia.com/advisories/48236 http://secunia.com/advisories/48308 http://secunia.com/advisories/50737 http://security.gentoo.org/glsa/glsa-201209-23.xml http://www.debian.org/security/2011/dsa-2354 http://www.debian.org/security/2012/dsa-2426 http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 http://www.openwall.com/lists/oss-security/2011/08/10/10 http://www.redhat.com/support/errata/RHSA-2011-1635.html http://www.securityfocus.com/bid/49148 http://www.securitytracker.com/id?1025929 http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 http://www.ubuntu.com/usn/USN-1207-1 http://www.ubuntu.com/usn/USN-1214-1 https://bugzilla.redhat.com/show_bug.cgi?id=727800 https://bugzilla.redhat.com/show_bug.cgi?id=730338 http://cups.org/str.php?L3867 http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html http://rhn.redhat.com/errata/RHSA-2012-1180.html http://rhn.redhat.com/errata/RHSA-2012-1181.html http://secunia.com/advisories/45621 http://secunia.com/advisories/45900 http://secunia.com/advisories/45945 http://secunia.com/advisories/45948 http://secunia.com/advisories/46024 http://secunia.com/advisories/48236 http://secunia.com/advisories/48308 http://secunia.com/advisories/50737 http://security.gentoo.org/glsa/glsa-201209-23.xml http://www.debian.org/security/2011/dsa-2354 http://www.debian.org/security/2012/dsa-2426 http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 http://www.openwall.com/lists/oss-security/2011/08/10/10 http://www.redhat.com/support/errata/RHSA-2011-1635.html http://www.securityfocus.com/bid/49148 http://www.securitytracker.com/id?1025929 http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 http://www.ubuntu.com/usn/USN-1207-1 http://www.ubuntu.com/usn/USN-1214-1 https://bugzilla.redhat.com/show_bug.cgi?id=727800 https://bugzilla.redhat.com/show_bug.cgi?id=730338

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.1

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:H/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2011-2896 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 29, 2026 MODIFIED

Vulnerability data updated via NVD.

April 11, 2025 MODIFIED

Vulnerability data or affected products updated.

August 19, 2011 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:H/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.