VulnerableCode Package Details - pkg:deb/ubuntu/cups-filters@1.0.52-0ubuntu1.5

Search for packages

Vulnerability	Summary	Fixed by
VCID-5r36-d4z9-aaar Aliases: CVE-2015-8327	Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.	1.0.52-0ubuntu1.6 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.2.0-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-sv1v-5ata-aaap Aliases: CVE-2015-8560	Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.	1.0.52-0ubuntu1.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.4.0-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5r36-d4z9-aaar
Aliases:
CVE-2015-8327

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.

1.0.52-0ubuntu1.6
Affected by 1 other vulnerability.

1.2.0-1
Affected by 1 other vulnerability.

VCID-sv1v-5ata-aaap
Aliases:
CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.

1.0.52-0ubuntu1.7
Affected by 1 other vulnerability.

1.4.0-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-vgxz-jsxc-aaan	Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.	CVE-2015-3258
VCID-xchc-jqf7-aaac	Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.	CVE-2015-3279

Vulnerability

Summary

Aliases

VCID-vgxz-jsxc-aaan

Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.

CVE-2015-3258

VCID-xchc-jqf7-aaac

Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.

CVE-2015-3279

Next non-vulnerable version	1.4.0-1
Latest non-vulnerable version	1.4.0-1
Risk	3.4