Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
21 Nov 2024, 02:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS - Vendor Advisory | |
References | () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406 - | |
References | () http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2016-0491.html - | |
References | () http://www.debian.org/security/2015/dsa-3411 - | |
References | () http://www.debian.org/security/2015/dsa-3429 - | |
References | () http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html - | |
References | () http://www.securityfocus.com/bid/78524 - | |
References | () http://www.ubuntu.com/usn/USN-2831-1 - | |
References | () http://www.ubuntu.com/usn/USN-2831-2 - | |
References | () https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886 - | |
References | () https://lists.debian.org/debian-printing/2015/11/msg00020.html - | |
References | () https://lists.debian.org/debian-printing/2015/12/msg00001.html - |
Information
Published : 2015-12-17 19:59
Updated : 2024-11-21 02:38
NVD link : CVE-2015-8327
Mitre link : CVE-2015-8327
CVE.ORG link : CVE-2015-8327
JSON object : View
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_hpc_node
- enterprise_linux_workstation
linuxfoundation
- cups-filters
- foomatic-filters
canonical
- ubuntu_linux
debian
- debian_linux
CWE