6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.114 Low
EPSS
Percentile
95.3%
Florian Weimer discovered that the pdftoopvp filter bundled in the CUPS
package incorrectly handled memory. An attacker could possibly use this
issue to execute arbitrary code with the privileges of the lp user.
(CVE-2013-6474, CVE-2013-6475)
Florian Weimer discovered that the pdftoopvp filter bundled in the CUPS
package did not restrict driver directories. An attacker could possibly use
this issue to execute arbitrary code with the privileges of the lp user.
(CVE-2013-6476)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 10.04 | noarch | cups | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | cups-bsd | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | cups-client | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | cups-dbg | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | cups-ppdc | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcups2 | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcups2-dev | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcupscgi1 | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcupscgi1-dev | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |
Ubuntu | 10.04 | noarch | libcupsdriver1 | <Β 1.4.3-1ubuntu1.10 | UNKNOWN |