2 matches found
CVE-2010-2431
CVE-2010-2431 details (CUPS) : The cupsFileOpen function in CUPS before 1.4.4 allows local users who are in the lp group to overwrite arbitrary files via a symlink attack on the files /var/cache/cups/remote.cache and /var/cache/cups/job.cache. This is a local, privilege-related flaw with an impac...
Design/Logic Flaw
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service daemon crash or hang via a client...