VulnerableCode Package Details - pkg:deb/ubuntu/cups-filters@1.0.52-0ubuntu1.4

Search for packages

Package details: pkg:deb/ubuntu/cups-filters@1.0.52-0ubuntu1.4

Essentials
History (0)

purl	pkg:deb/ubuntu/cups-filters@1.0.52-0ubuntu1.4

Next non-vulnerable version	1.4.0-1
Latest non-vulnerable version	1.4.0-1
Risk	3.4

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-5r36-d4z9-aaar Aliases: CVE-2015-8327	Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.	1.0.52-0ubuntu1.6 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.2.0-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-sv1v-5ata-aaap Aliases: CVE-2015-8560	Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.	1.0.52-0ubuntu1.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.4.0-1 Affected by 0 other vulnerabilities.
VCID-vgxz-jsxc-aaan Aliases: CVE-2015-3258	Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a small line size in a print job.	1.0.52-0ubuntu1.5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xchc-jqf7-aaac Aliases: CVE-2015-3279	Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line size in a print job, which triggers a heap-based buffer overflow.	1.0.52-0ubuntu1.5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-8xgw-dx15-aaac	The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.	CVE-2015-2265

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version