VYPR
Unrated severityNVD Advisory· Published Jul 23, 2014· Updated Jun 17, 2026

CVE-2014-3537

CVE-2014-3537

Description

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Apple Inc./Cups6 versions
    cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*range: <=1.7.3
    • cpe:2.3:a:apple:cups:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:cups:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:cups:1.7.1:b1:*:*:*:*:*:*
    • cpe:2.3:a:apple:cups:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:cups:1.7:rc1:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
  • Openprinting/Cupsllm-create
    Range: <1.7.4

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.