[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247974

 
 

909

 
 

194654

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-2707Date: (C)2014-04-21   (M)2023-12-22


cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.3
Exploit Score: 6.5
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-57530
FEDORA-2014-4708
USN-2210-1
http://seclists.org/oss-sec/2014/q2/13
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7188#NEWS
https://bugzilla.redhat.com/show_bug.cgi?id=1083326

CPE    10
cpe:/a:linuxfoundation:cups-filters:1.0.48
cpe:/a:linuxfoundation:cups-filters:1.0.47
cpe:/a:linuxfoundation:cups-filters:1.0.49
cpe:/a:linuxfoundation:cups-filters:1.0.44
...
CWE    1
CWE-78
OVAL    7
oval:org.secpod.oval:def:108488
oval:org.secpod.oval:def:106845
oval:org.secpod.oval:def:106938
oval:org.secpod.oval:def:52210
...

© SecPod Technologies