Lucene search

[email protected]CVE-2011-2964

HistoryJul 29, 2011 - 8:55 p.m.

CVE-2011-2964

2011-07-2920:55:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2011-2964

foomatic-rip

foomatic-filters

foomatic 4.0.6

remote code execution

nvd

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.065 Low

EPSS

Percentile

93.7%

JSON

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

CPENameOperatorVersion
linuxfoundation:foomaticlinuxfoundation foomaticeq4.0.6

CPE	Name	Operator	Version
linuxfoundation:foomatic	linuxfoundation foomatic	eq	4.0.6

References

secunia.com/advisories/45477

security.gentoo.org/glsa/glsa-201203-07.xml

www.mandriva.com/security/advisories?name=MDVSA-2011:125

www.openwall.com/lists/oss-security/2011/07/13/3

www.openwall.com/lists/oss-security/2011/07/18/3

www.openwall.com/lists/oss-security/2011/07/28/1

www.redhat.com/support/errata/RHSA-2011-1110.html

www.ubuntu.com/usn/USN-1194-1

www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

bugzilla.novell.com/show_bug.cgi?id=698451

bugzilla.redhat.com/show_bug.cgi?id=721001

exchange.xforce.ibmcloud.com/vulnerabilities/68994

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.065 Low

EPSS

Percentile

93.7%

JSON

Related for CVE-2011-2964

osv1 nessus22 securityvulns2 openvas30 fedora4 ubuntucve2 ubuntu1 oraclelinux2 prion2 debian1 debiancve2 gentoo1 redhat2 veracode1 centos1 cve1