rpm package
suse/cups-filters&distro=SUSE Linux Enterprise Server for SAP Applications 12
pkg:rpm/suse/cups-filters&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-8327 | — | < 1.0.58-13.1 | 1.0.58-13.1 | Dec 17, 2015 | Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job. | ||
| CVE-2015-3279 | — | < 1.0.58-8.1 | 1.0.58-8.1 | Jul 14, 2015 | Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow. | ||
| CVE-2015-3258 | — | < 1.0.58-8.1 | 1.0.58-8.1 | Jul 14, 2015 | Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job. | ||
| CVE-2015-2265 | — | < 1.0.58-5.1 | 1.0.58-5.1 | Mar 24, 2015 | The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014 |
- CVE-2015-8327Dec 17, 2015affected < 1.0.58-13.1fixed 1.0.58-13.1
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
- CVE-2015-3279Jul 14, 2015affected < 1.0.58-8.1fixed 1.0.58-8.1
Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
- CVE-2015-3258Jul 14, 2015affected < 1.0.58-8.1fixed 1.0.58-8.1
Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
- CVE-2015-2265Mar 24, 2015affected < 1.0.58-5.1fixed 1.0.58-5.1
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014