CVSS: 10.0EPSS: 95%CPEs: 1EXPL: 4CVE-2015-1158 – CUPS < 2.0.3 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2015-1158
10 Jun 2015 — The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code. La función add_job en scheduler/ipp.c en cupsd en CUPS anterior a 2.0.3 realiza incorrectamente las opera... • https://packetstorm.news/files/id/140920 • CWE-254: 7PK - Security Features •
CVSS: 9.8EPSS: 74%CPEs: 1EXPL: 2CVE-2015-1159 – cups: cross-site scripting flaw in CUPS web UI (VU#810572)
https://notcve.org/view.php?id=CVE-2015-1159
10 Jun 2015 — Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. Vulnerabilidad de XSS en la función cgi_puts en cgi-bin/template.c en el motor de plantillas en CUPS anterior a 2.0.3 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro QUERY en help/. A cross-site scripting flaw was found in th... • https://packetstorm.news/files/id/132389 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2014-9679 – cups: cupsRasterReadPixels buffer overflow
https://notcve.org/view.php?id=CVE-2014-9679
19 Feb 2015 — Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. Desbordamiento de enteros en la función cupsRasterReadPixels en filter/raster.c en CUPS anterior a 2.0.2 permite a atacantes remotos tener un impacto no especificado a través de un fichero de raster comprimido malformado, lo que provoca un desbordamiento de buffer. An integer overflow flaw, ... • http://advisories.mageia.org/MGASA-2015-0067.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2014-5031 – cups: world-readable permissions
https://notcve.org/view.php?id=CVE-2014-5031
28 Jul 2014 — The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors. La interfaz web en CUPS anterior a 2.0 no comprueba que los ficheros tienen permisos de lectura universal, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cup... • http://advisories.mageia.org/MGASA-2014-0313.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2014-5030 – cups: allows local users to read arbitrary files via a symlink attack
https://notcve.org/view.php?id=CVE-2014-5030
28 Jul 2014 — CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. CUPS anterior a 2.0 permite a usuarios locales leer ficheros arbitrarios a través de un ataque de enlace simbólico sobre (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc o (6) index.py. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. ... • http://advisories.mageia.org/MGASA-2014-0313.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3537 – cups: insufficient checking leads to privilege escalation
https://notcve.org/view.php?id=CVE-2014-3537
21 Jul 2014 — The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. La interfaz web en CUPS anterior a 1.7.4 permite a usuarios locales en el grupo lp leer ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en /var/cache/cups/rss/. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges... • http://advisories.mageia.org/MGASA-2014-0313.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.1EPSS: 0%CPEs: 111EXPL: 0CVE-2014-2856 – cups: cross-site scripting flaw fixed in the 1.7.2 release
https://notcve.org/view.php?id=CVE-2014-2856
18 Apr 2014 — Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. Vulnerabilidad de XSS en scheduler/client.c en Common Unix Printing System (CUPS) anterior a 1.7.2 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de la ruta de URL, relacionado con la función is_path_absolute. A cross-site scripting (XSS) flaw wa... • http://advisories.mageia.org/MGASA-2014-0193.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2013-6891 – Ubuntu Security Notice USN-2082-1
https://notcve.org/view.php?id=CVE-2013-6891
15 Jan 2014 — lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. lppasswd en CUPS anteriores a 1.7.1, cuando se ejecuta con privilegios setuid, permite a usuarios locales leer porciones de archivos arbitrarios a través de una variable de entorno HOME modificada y un ataque symlink que involucra .cups/client.conf lppasswd in CUPS before 1.7.1, when running with ... • http://advisories.mageia.org/MGASA-2014-0021.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2CVE-2012-5519 – cups: privilege escalation for users of the CUPS SystemGroup group
https://notcve.org/view.php?id=CVE-2012-5519
20 Nov 2012 — CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface. CUPS v1.4.4, cuando se ejecuta en ciertas distribuciones de Linux como Debian GNU/Linux, almacena la la clave de la interfaz web del administrador en /var/run/cups/certs/0 con ciertos permisos, lo que permite a los ... • https://github.com/p1ckzi/CVE-2012-5519 • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 11%CPEs: 3EXPL: 0CVE-2011-2896 – David Koblas' GIF decoder LZW decoder buffer overflow
https://notcve.org/view.php?id=CVE-2011-2896
19 Aug 2011 — The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to ... • http://cups.org/str.php?L3867 • CWE-787: Out-of-bounds Write •