Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-1158HistoryJun 26, 2015 - 10:59 a.m.
CVE-2015-1158
2015-06-2610:59:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.933 High
EPSS
Percentile
99.1%
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings via a crafted (1) IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing the configuration file and consequently executing arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.7.5-12 | cups_1.7.5-12_all.deb |
| Debian | 11 | all | cups | < 1.7.5-12 | cups_1.7.5-12_all.deb |
| Debian | 10 | all | cups | < 1.7.5-12 | cups_1.7.5-12_all.deb |
| Debian | 999 | all | cups | < 1.7.5-12 | cups_1.7.5-12_all.deb |
| Debian | 13 | all | cups | < 1.7.5-12 | cups_1.7.5-12_all.deb |
Related
openvas
openvas
Slackware: Security Advisory (SSA:2015-188-01)
2022-04-21 00:00:00
Debian: Security Advisory (DLA-239-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3283-1)
2015-06-08 00:00:00
slackware
slackware
[slackware-security] cups
2015-07-08 00:00:21
zdt
zdt
CUPS 2.0.3 - Remote Command Execution Exploit
2017-02-03 00:00:00
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-23 00:00:00
prion
prion
Design/Logic Flaw
2015-06-26 10:59:00
checkpoint_advisories
checkpoint_advisories
Apple CUPS cupsd Privilege Escalation (CVE-2015-1158)
2015-07-05 00:00:00
ubuntucve
ubuntucve
CVE-2015-1158
2015-06-09 00:00:00
packetstorm
packetstorm
CUPS Remote Code Execution
2017-02-03 00:00:00
CUPS XSS / String Handling / Improper Teardown
2015-06-22 00:00:00
nessus
nessus
GLSA-201510-07 : CUPS: Multiple vulnerabilities
2015-11-02 00:00:00
exploitpack
exploitpack
CUPS 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
cve
cve
CVE-2015-1158
2015-06-26 10:59:00
exploitdb
exploitdb
CUPS < 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
CUPS < 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: cups-2.0.3-1.fc22
2015-06-21 00:21:04
[SECURITY] Fedora 21 Update: cups-1.7.5-17.fc21
2015-06-21 00:36:00
debian
debian
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:25:07
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:24:48
[SECURITY] [DLA 239-1] cups security update
2015-06-09 10:27:37
f5
f5
SOL16794 - CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
K16794 : CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
googleprojectzero
googleprojectzero
Owning Internet Printing - A Case Study in Modern Software Exploitation
2015-06-19 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2015-06-10 00:00:00
securityvulns
securityvulns
[USN-2629-1] CUPS vulnerabilities
2015-06-14 00:00:00
CUPS security vulnerabilities
2015-06-14 00:00:00
osv
osv
cups - security update
2015-06-09 00:00:00
cups - security update
2015-06-09 00:00:00
archlinux
archlinux
cups: multiple issues
2015-06-10 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2015-10-31 00:00:00
mageia
mageia
Updated cups package fixes security vulnerabilities
2015-06-19 16:33:05
cert
cert
freebsd
freebsd
cups -- multiple vulnerabilities
2015-06-09 00:00:00
oraclelinux
oraclelinux
cups security update
2015-06-17 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:17:51
Denial Of Service (DoS)
2019-05-02 05:17:51
ibm
ibm
suse
suse
Security update for cups154 (critical)
2015-06-11 20:06:22
Security update for cups154 (critical)
2015-06-11 19:04:58
Security update for cups (critical)
2015-06-11 17:05:04
redhat
redhat
(RHSA-2015:1123) Important: cups security update
2015-06-17 00:00:00
amazon
amazon
Medium: cups
2015-07-07 12:34:00
centos
centos
cups security update
2015-06-18 11:29:43