Lucene search

K

PRIOn knowledge basePRION:CVE-2014-2856

HistoryApr 18, 2014 - 2:55 p.m.

Cross site scripting

2014-04-1814:55:00

PRIOn knowledge base

www.prio-n.com

10

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

81.9%

Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.

CPENameOperatorVersion
cupseq1.1.20
cupseq1.4 b1
cupseq1.6.2
cupseq1.1.5-2
cupseq1.5.3
cupseq1.3.9
cupseq1.1.14
cupseq1.5.0
cupseq1.3 rc2
cupseq1.1.6-1

Rows per page:

1-10 of 1111

References

advisories.mageia.org/MGASA-2014-0193.html

rhn.redhat.com/errata/RHSA-2014-1388.html

secunia.com/advisories/57880

www.cups.org/documentation.php/relnotes.html

www.cups.org/str.php?L4356

www.mandriva.com/security/advisories?name=MDVSA-2015:108

www.openwall.com/lists/oss-security/2014/04/14/2

www.openwall.com/lists/oss-security/2014/04/15/3

www.securityfocus.com/bid/66788

www.ubuntu.com/usn/USN-2172-1

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

81.9%

Related for PRION:CVE-2014-2856

checkpoint_advisories2 fedora2 nessus14 mageia1 securityvulns2 cvelist1 openvas12 veracode1 cve1 ubuntucve1 debiancve1 ubuntu1 redhat1 centos1 oraclelinux1 amazon1