Search for packages
| purl | pkg:deb/ubuntu/cups@1.4.6-11 |
| Next non-vulnerable version | 2.3.1-9ubuntu1.1 |
| Latest non-vulnerable version | 2.3.1-9ubuntu1.1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1xwf-jajh-aaah
Aliases: CVE-2014-5031 |
The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors. |
Affected by 16 other vulnerabilities. |
|
VCID-3dsn-2jt3-aaak
Aliases: CVE-2018-4300 |
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10. |
Affected by 0 other vulnerabilities. |
|
VCID-4s3k-m9au-aaad
Aliases: CVE-2014-3537 |
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. |
Affected by 19 other vulnerabilities. |
|
VCID-4sn3-cw3j-aaaa
Aliases: CVE-2018-4700 |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage |
Affected by 12 other vulnerabilities. Affected by 6 other vulnerabilities. |
|
VCID-74p3-81x4-aaas
Aliases: CVE-2018-4180 |
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. |
Affected by 9 other vulnerabilities. Affected by 7 other vulnerabilities. |
|
VCID-85by-9qst-aaad
Aliases: CVE-2014-2856 |
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. |
Affected by 20 other vulnerabilities. |
|
VCID-cjms-6qnk-aaaq
Aliases: CVE-2018-4181 |
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. |
Affected by 9 other vulnerabilities. Affected by 7 other vulnerabilities. |
|
VCID-cs84-z94n-aaac
Aliases: CVE-2019-2228 |
In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-111210196 |
Affected by 2 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-eehn-r62r-aaah
Aliases: CVE-2018-6553 |
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS. |
Affected by 9 other vulnerabilities. Affected by 7 other vulnerabilities. |
|
VCID-gd2u-4vv8-aaak
Aliases: CVE-2019-8696 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. |
Affected by 4 other vulnerabilities. |
|
VCID-gy3x-nbgz-aaaj
Aliases: CVE-2014-9679 |
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. |
Affected by 15 other vulnerabilities. |
|
VCID-hcxc-ggtu-aaaf
Aliases: CVE-2020-3898 |
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges. |
Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-kttz-gq2j-aaae
Aliases: CVE-2011-2896 |
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895. |
Affected by 22 other vulnerabilities. |
|
VCID-nb7f-g2gh-aaaa
Aliases: CVE-2014-5029 |
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. |
Affected by 16 other vulnerabilities. |
|
VCID-pcw9-ydw9-aaae
Aliases: CVE-2014-5030 |
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. |
Affected by 16 other vulnerabilities. |
|
VCID-pewb-h5sr-aaah
Aliases: CVE-2015-1159 |
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/. |
Affected by 13 other vulnerabilities. |
|
VCID-pfpr-8zqy-aaak
Aliases: CVE-2015-1158 |
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code. |
Affected by 13 other vulnerabilities. |
|
VCID-qmhw-fw7n-aaah
Aliases: CVE-2019-2180 |
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation. |
Affected by 0 other vulnerabilities. |
|
VCID-qsan-tgw4-aaae
Aliases: CVE-2017-18248 |
The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. |
Affected by 9 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-qw9c-fsv1-aaac
Aliases: CVE-2011-3170 |
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. |
Affected by 21 other vulnerabilities. |
|
VCID-tkcn-88pf-aaag
Aliases: CVE-2019-8675 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. |
Affected by 4 other vulnerabilities. |
|
VCID-w8s4-rypx-aaar
Aliases: CVE-2017-18190 |
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1). |
Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-y9fv-tu4k-aaaa
Aliases: CVE-2017-15400 |
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. |
Affected by 10 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|