Unrated severityNVD Advisory· Published Jun 22, 2014· Updated May 6, 2026

CVE-2014-4336

Description

The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.

Affected products

Linux Foundation/Cups Filters
cpe:2.3:a:linuxfoundation:cups-filters:*:*:*:*:*:*:*:*
Range: <=1.0.52

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194nvdPatchThird Party Advisory
openwall.com/lists/oss-security/2014/04/25/7nvdPatchThird Party Advisory
openwall.com/lists/oss-security/2014/06/19/12nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000