8.8 High
AI Score
Confidence
Low
8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.114 Low
EPSS
Percentile
95.2%
Software: cups-filters 1.0.35
OS: Cobalt 7.9
CVE-ID: CVE-2013-6473
CVE-Crit: MEDIUM
CVE-DESC: Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 through 1.0.47 allow remote attackers to execute arbitrary code across a large (1) page or (2) lines in a URF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-6474
CVE-Crit: MEDIUM
CVE-DESC: Heap-based buffer overflow in pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code through a crafted PDF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-6474
CVE-Crit: MEDIUM
CVE-DESC: Heap-based buffer overflow in pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code through a crafted PDF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-6476
CVE-Crit: MEDIUM
CVE-DESC: OPVPWrapper :: loadDriver feature in oprs / OPVPWrapper.cxx in pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2013-6476
CVE-Crit: MEDIUM
CVE-DESC: OPVPWrapper :: loadDriver feature in oprs / OPVPWrapper.cxx in pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2014-4336
CVE-Crit: MEDIUM
CVE-DESC: The generate_local_queue function in utils / cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the hostname. NOTE: this vulnerability exists due to an incomplete patch for CVE-2014-2707.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-2265
CVE-Crit: LOW
CVE-DESC: The remove_bad_chars function in utils / cups-browsed.c in cups-filter before 1.0.66 allows remote IPP printers to execute arbitrary commands via serial shell metacharacters in (1) model or (2) PDL. NOTE: this vulnerability exists due to an incomplete patch for CVE-2014-2707.
CVE-STATUS: default
CVE-REV: default