CUPS 1.2.9

CPE Details

CUPS 1.2.9
cups
cups
1.2.9
2020-10-27
20h23 +00:00
2020-10-27
20h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cups:cups:1.2.9:*:*:*:*:*:*:*

Informations

Vendor

cups

Product

cups

Version

1.2.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-8166 2018-01-12 16h00 +00:00 The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.
8.8
High
CVE-2015-1158 2015-06-26 08h00 +00:00 The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
10
CVE-2015-1159 2015-06-26 08h00 +00:00 Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
4.3
CVE-2007-4351 2007-10-31 21h00 +00:00 Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow.
10