Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-0393HistoryMar 05, 2010 - 7:30 p.m.
CVE-2010-0393
2010-03-0519:30:00
Debian Security Bug Tracker
security-tracker.debian.org
13
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.8%
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.4.2-9.1 | cups_1.4.2-9.1_all.deb |
| Debian | 11 | all | cups | < 1.4.2-9.1 | cups_1.4.2-9.1_all.deb |
| Debian | 10 | all | cups | < 1.4.2-9.1 | cups_1.4.2-9.1_all.deb |
| Debian | 999 | all | cups | < 1.4.2-9.1 | cups_1.4.2-9.1_all.deb |
| Debian | 13 | all | cups | < 1.4.2-9.1 | cups_1.4.2-9.1_all.deb |
Related
cve
cve
CVE-2010-0393
2010-03-05 19:30:00
osv
osv
cups - arbitrary code execution
2010-03-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-0393
2010-03-03 00:00:00
debian
debian
[SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution
2010-03-03 22:13:55
openvas
openvas
CUPS < 1.4.3 Security Bypass Vulnerability
2010-03-10 00:00:00
Debian Security Advisory DSA 2007-1 (cups)
2010-03-16 00:00:00
Debian: Security Advisory (DSA-2007-1)
2010-03-16 00:00:00
prion
prion
Format string
2010-03-05 19:30:00
securityvulns
securityvulns
cups lppasswd format string vulnerability
2010-03-04 00:00:00
[SECURITY] [DSA 2007-1] New cups packages fix arbitrary code execution
2010-03-04 00:00:00
nessus
nessus
Debian DSA-2007-1 : cups - format string vulnerability
2010-03-05 00:00:00
CUPS < 1.4.3 Multiple Vulnerabilities
2010-04-16 00:00:00
SuSE 11 Security Update : CUPS (SAT Patch Number 2108)
2010-03-19 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2010-03-03 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2012-07-09 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
28.8%
Related for DEBIANCVE:CVE-2010-0393