Home

CVE-2015-8327

Description

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via (backtick) characters in a print job.

Risk Information

Base Score
5.6
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
19.458

Associated Vulnerability

VulnerabilityOS Platform
OpenPrinting CUPS Filters (USN-2831-1) cups-filters_1.0.76-1_i386.debLinux
OpenPrinting CUPS Filters (USN-2831-1) cups-filters_1.0.76-1_amd64.debLinux
OpenPrinting printer support - filters (USN-2831-2) foomatic-filters_4.0.16-0ubuntu0.4_i386.debLinux
OpenPrinting printer support - filters (USN-2831-2) foomatic-filters_4.0.16-0ubuntu0.4_amd64.debLinux
foomatic-filters security update(DSA-3429-1) foomatic-filters_4.0.17-1+deb7u1_i386.debLinux
foomatic-filters security update(DSA-3429-1) foomatic-filters_4.0.17-5+deb8u1_amd64.debLinux
Foomatic security update (CESA-2016:0491) foomatic-4.0.4-5.el6_7.i686.rpmLinux
Foomatic security update (CESA-2016:0491) foomatic-4.0.4-5.el6_7.x86_64.rpmLinux
(RHSA-2016:0491) Moderate: foomatic security update foomatic-4.0.4-5.el6_7.i686.rpmLinux
(RHSA-2016:0491) Moderate: foomatic security update foomatic-4.0.4-5.el6_7.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-cups-browsed-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-cups-browsed-debuginfo-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-debuginfo-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-debugsource-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-foomatic-rip-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-foomatic-rip-debuginfo-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-ghostscript-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0092-1(SUSE Linux Enterprise Desktop 12-SP1 ) cups-filters-ghostscript-debuginfo-1.0.58-13.1.x86_64.rpmLinux
SUSE-SU-2016:0112-1(SUSE Linux Enterprise Desktop 11-SP3 ) foomatic-filters-3.0.2-269.39.1.x86_64.rpmLinux
Foomatic update (ELSA-2016-0491) foomatic-4.0.4-5.el6_7.x86_64.rpmLinux
Foomatic update (ELSA-2016-0491) foomatic-4.0.4-5.el6_7.i686.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234