VYPR

Cups

by Openprinting

Source repositories

CVEs (96)

  • CVE-2017-18248MedMar 26, 2018
    risk 0.00cvss 5.3epss 0.02

    The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.

  • CVE-2017-18190HigFeb 16, 2018
    risk 0.00cvss 7.5epss 0.03

    A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often…

  • CVE-2014-9679Feb 19, 2015
    risk 0.00cvss epss 0.05

    Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.

  • CVE-2014-5031Jul 29, 2014
    risk 0.00cvss epss 0.03

    The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.

  • CVE-2014-5030Jul 29, 2014
    risk 0.00cvss epss 0.00

    CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.

  • CVE-2014-5029Jul 29, 2014
    risk 0.00cvss epss 0.00

    The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.

  • CVE-2014-3537Jul 23, 2014
    risk 0.00cvss epss 0.00

    The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

  • CVE-2014-2856Apr 18, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.

  • CVE-2013-6476Mar 14, 2014
    risk 0.00cvss epss 0.00

    The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.

  • CVE-2013-6474Mar 14, 2014
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

  • CVE-2013-6891Jan 26, 2014
    risk 0.00cvss epss 0.00

    lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.

  • CVE-2011-3170Aug 19, 2011
    risk 0.00cvss epss 0.04

    The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different…

  • CVE-2011-2896Aug 19, 2011
    risk 0.00cvss epss 0.13

    The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the…

  • CVE-2010-2432Jun 22, 2010
    risk 0.00cvss epss 0.02

    The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.

  • CVE-2010-2431Jun 22, 2010
    risk 0.00cvss epss 0.00

    The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.

  • CVE-2010-0542Jun 21, 2010
    risk 0.00cvss epss 0.04

    The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or…

  • CVE-2010-0540Jun 17, 2010
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.

  • CVE-2010-0393Mar 5, 2010
    risk 0.00cvss epss 0.00

    The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted…

  • CVE-2009-1196Jun 9, 2009
    risk 0.00cvss epss 0.03

    The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."

  • CVE-2009-0164Apr 24, 2009
    risk 0.00cvss epss 0.03

    The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.