Linuxfoundation » Cups-filters : Security Vulnerabilities, CVEs, Published In 2015

CVE-2015-8327

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
Max CVSS
7.5
EPSS Score
2.37%
Published
2015-12-17
Updated
2018-10-30

CVE-2015-3279

Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
5.89%
Published
2015-07-14
Updated
2016-12-28

CVE-2015-3258

Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.
Max CVSS
7.5
EPSS Score
7.31%
Published
2015-07-14
Updated
2023-02-12

CVE-2015-2265

The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
Max CVSS
7.5
EPSS Score
1.91%
Published
2015-03-24
Updated
2016-12-28
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close