CVE-2015-8560
Description
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
Risk Information
Base Score
7.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
10.031
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| OpenPrinting CUPS Filters (USN-2725-1) cups-filters-ippusbxd_1.0.67-0ubuntu2.6_i386.deb | Linux |
| OpenPrinting CUPS Filters (USN-2725-1) cups-filters-ippusbxd_1.0.67-0ubuntu2.6_amd64.deb | Linux |
| foomatic-filters security update(DSA-3429-1) foomatic-filters_4.0.17-1+deb7u1_i386.deb | Linux |
| foomatic-filters security update(DSA-3429-1) foomatic-filters_4.0.17-5+deb8u1_amd64.deb | Linux |
| Foomatic security update (CESA-2016:0491) foomatic-4.0.4-5.el6_7.i686.rpm | Linux |
| Foomatic security update (CESA-2016:0491) foomatic-4.0.4-5.el6_7.x86_64.rpm | Linux |
| (RHSA-2016:0491) Moderate: foomatic security update foomatic-4.0.4-5.el6_7.i686.rpm | Linux |
| (RHSA-2016:0491) Moderate: foomatic security update foomatic-4.0.4-5.el6_7.x86_64.rpm | Linux |
| SUSE-SU-2016:0112-1(SUSE Linux Enterprise Desktop 11-SP3 ) foomatic-filters-3.0.2-269.39.1.x86_64.rpm | Linux |
| Foomatic update (ELSA-2016-0491) foomatic-4.0.4-5.el6_7.x86_64.rpm | Linux |
| Foomatic update (ELSA-2016-0491) foomatic-4.0.4-5.el6_7.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234