cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7188#NEWS - | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html - | |
References | () http://seclists.org/oss-sec/2014/q2/13 - | |
References | () http://secunia.com/advisories/57530 - Vendor Advisory | |
References | () http://www.ubuntu.com/usn/USN-2210-1 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1083326 - |
Information
Published : 2014-04-17 14:55
Updated : 2024-11-21 02:06
NVD link : CVE-2014-2707
Mitre link : CVE-2014-2707
CVE.ORG link : CVE-2014-2707
JSON object : View
Products Affected
linuxfoundation
- cups-filters
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')