Search for vulnerabilities
Vulnerability details: VCID-pfpr-8zqy-aaak
Vulnerability ID VCID-pfpr-8zqy-aaak
Aliases CVE-2015-1158
Summary The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-254 7PK - Security Features
System Score Found at
generic_textual High http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1158.html
rhas Important https://access.redhat.com/errata/RHSA-2015:1123
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71239 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.71535 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.81277 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.91781 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.95017 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.95017 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
epss 0.95017 https://api.first.org/data/v1/epss?cve=CVE-2015-1158
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1159
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2015-1158
generic_textual Medium https://ubuntu.com/security/notices/USN-2629-1
generic_textual Medium http://www.kb.cert.org/vuls/id/810572
Reference id Reference type URL
http://googleprojectzero.blogspot.in/2015/06/owning-internet-printing-case-study-in.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10702
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1158.html
http://rhn.redhat.com/errata/RHSA-2015-1123.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1158.json
https://api.first.org/data/v1/epss?cve=CVE-2015-1158
https://bugzilla.opensuse.org/show_bug.cgi?id=924208
https://bugzilla.redhat.com/show_bug.cgi?id=1221641
https://code.google.com/p/google-security-research/issues/detail?id=455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1159
https://github.com/0x00string/oldays/blob/master/CVE-2015-1158.py
https://security.gentoo.org/glsa/201510-07
https://ubuntu.com/security/notices/USN-2629-1
https://www.cups.org/str.php?L4609
https://www.exploit-db.com/exploits/37336/
https://www.exploit-db.com/exploits/41233/
http://www.cups.org/blog.php?L1082
http://www.debian.org/security/2015/dsa-3283
http://www.kb.cert.org/vuls/id/810572
http://www.securityfocus.com/bid/75098
http://www.securitytracker.com/id/1032556
http://www.ubuntu.com/usn/USN-2629-1
cpe:2.3:a:cups:cups:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cups:cups:*:*:*:*:*:*:*:*
CVE-2015-1158 Exploit https://github.com/0x00string/oldays/blob/ab7fdbce3f614fa4f8b62ea9b79bce2da0a0f278/CVE-2015-1158.py
CVE-2015-1158 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/41233.py
CVE-2015-1158 https://nvd.nist.gov/vuln/detail/CVE-2015-1158
CVE-2015-1158;OSVDB-123116 Exploit http://googleprojectzero.blogspot.se/2015/06/owning-internet-printing-case-study-in.html
CVE-2015-1158;OSVDB-123116 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/37336.txt
RHSA-2015:1123 https://access.redhat.com/errata/RHSA-2015:1123
USN-2629-1 https://usn.ubuntu.com/2629-1/
Data source Exploit-DB
Date added June 22, 2015
Description CUPS < 2.0.3 - Multiple Vulnerabilities
Ransomware campaign use Known
Source publication date June 22, 2015
Exploit type remote
Platform multiple
Source update date Feb. 3, 2017
Source URL http://googleprojectzero.blogspot.se/2015/06/owning-internet-printing-case-study-in.html
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2015-1158
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.98609
EPSS Score 0.71239
Published At June 9, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.