CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2924
https://notcve.org/view.php?id=CVE-2011-2924
19 Nov 2019 — foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. foomatic-rip filter versión v4.0.12 y anteriores, utilizó archivos temporales creados de manera no segura para el almacenamiento de datos PostScript me... • https://access.redhat.com/security/cve/cve-2011-2924 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 4%CPEs: 61EXPL: 0CVE-2015-8560 – cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
https://notcve.org/view.php?id=CVE-2015-8560
16 Dec 2015 — Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327. Vulnerabilidad de lista negra incompleta en util.c en foomatic-rip en cups-filters 1.0.42 en versiones anteriores a 1.4.0 y en foomatic-filters en Foomatic 4.0.x permite a atacantes remotos ejecutar comandos arbitrarios a travé... • http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 13%CPEs: 64EXPL: 0CVE-2015-8327 – cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character
https://notcve.org/view.php?id=CVE-2015-8327
03 Dec 2015 — Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job. Vulnerabilidad de lista negra incompleta en util.c en foomatic-rip en cups-filters 1.0.42 en versiones anteriores a 1.2.0 y en foomatic-filters en Foomatic 4.0.x permite a atacantes remotos ejecutar comandos arbitrarios a través de caracteres ` (acento grave) en un trabajo d... • http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •