Lucene search

K
cve[email protected]CVE-2015-8560
HistoryApr 14, 2016 - 2:59 p.m.

CVE-2015-8560

2016-04-1414:59:06
web.nvd.nist.gov
58
cve-2015-8560
incomplete blacklist vulnerability
util.c
foomatic-rip
cups-filters
remote attackers
arbitrary commands
nvd

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.

Affected configurations

NVD
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
OR
canonicalubuntu_linuxMatch15.10
Node
debiandebian_linuxMatch8.0
Node
linuxfoundationcups-filtersMatch1.0.42
OR
linuxfoundationcups-filtersMatch1.0.43
OR
linuxfoundationcups-filtersMatch1.0.44
OR
linuxfoundationcups-filtersMatch1.0.45
OR
linuxfoundationcups-filtersMatch1.0.46
OR
linuxfoundationcups-filtersMatch1.0.47
OR
linuxfoundationcups-filtersMatch1.0.48
OR
linuxfoundationcups-filtersMatch1.0.49
OR
linuxfoundationcups-filtersMatch1.0.50
OR
linuxfoundationcups-filtersMatch1.0.51
OR
linuxfoundationcups-filtersMatch1.0.52
OR
linuxfoundationcups-filtersMatch1.0.53
OR
linuxfoundationcups-filtersMatch1.0.54
OR
linuxfoundationcups-filtersMatch1.0.55
OR
linuxfoundationcups-filtersMatch1.0.56
OR
linuxfoundationcups-filtersMatch1.0.57
OR
linuxfoundationcups-filtersMatch1.0.58
OR
linuxfoundationcups-filtersMatch1.0.59
OR
linuxfoundationcups-filtersMatch1.0.60
OR
linuxfoundationcups-filtersMatch1.0.61
OR
linuxfoundationcups-filtersMatch1.0.62
OR
linuxfoundationcups-filtersMatch1.0.63
OR
linuxfoundationcups-filtersMatch1.0.64
OR
linuxfoundationcups-filtersMatch1.0.65
OR
linuxfoundationcups-filtersMatch1.0.66
OR
linuxfoundationcups-filtersMatch1.0.67
OR
linuxfoundationcups-filtersMatch1.0.68
OR
linuxfoundationcups-filtersMatch1.0.69
OR
linuxfoundationcups-filtersMatch1.0.70
OR
linuxfoundationcups-filtersMatch1.0.71
OR
linuxfoundationcups-filtersMatch1.0.72
OR
linuxfoundationcups-filtersMatch1.0.73
OR
linuxfoundationcups-filtersMatch1.0.74
OR
linuxfoundationcups-filtersMatch1.0.75
OR
linuxfoundationcups-filtersMatch1.0.76
OR
linuxfoundationcups-filtersMatch1.1.0
OR
linuxfoundationcups-filtersMatch1.2.0
OR
linuxfoundationcups-filtersMatch1.3.0
Node
linuxfoundationfoomatic-filtersMatch4.0.0
OR
linuxfoundationfoomatic-filtersMatch4.0.1
OR
linuxfoundationfoomatic-filtersMatch4.0.2
OR
linuxfoundationfoomatic-filtersMatch4.0.3
OR
linuxfoundationfoomatic-filtersMatch4.0.4
OR
linuxfoundationfoomatic-filtersMatch4.0.5
OR
linuxfoundationfoomatic-filtersMatch4.0.6
OR
linuxfoundationfoomatic-filtersMatch4.0.7
OR
linuxfoundationfoomatic-filtersMatch4.0.8
OR
linuxfoundationfoomatic-filtersMatch4.0.9
OR
linuxfoundationfoomatic-filtersMatch4.0.10
OR
linuxfoundationfoomatic-filtersMatch4.0.11
OR
linuxfoundationfoomatic-filtersMatch4.0.12
OR
linuxfoundationfoomatic-filtersMatch4.0.13
OR
linuxfoundationfoomatic-filtersMatch4.0.14
OR
linuxfoundationfoomatic-filtersMatch4.0.15
OR
linuxfoundationfoomatic-filtersMatch4.0.16
OR
linuxfoundationfoomatic-filtersMatch4.0.17

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%