CVE-2017-15400

Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue...

App Layering - Best Practice for Printing

Best practice and guideline for printing in 2.x and 3.x. Create a printer layer for your printers for ease of updating and troubleshooting any problems Layering of printer drivers is recommended Use inbox drivers vs. 3rd party drivers Create a GPO or logon script to define a default layer...

The vulnerability of the printDirect function in the node-printer module for the Node.js platform allows a hacker to execute arbitrary commands.

The vulnerability of the printDirect function in the node-printer module for the Node.js platform is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using the “lpr” command...

Cross site scripting

HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP PageWide Color Printers and MPS before 2308214000901, 2308214000900, and other firmware versions. The vulnerability could be exploited to perform ...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

Design/Logic Flaw

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

DEBIAN-CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2014-8166

CVE-2014-8166 affects the CUPS server’s web/browsing feature, where ANSI escape sequences are not filtered from shared printer names. This could allow remote attackers to execute arbitrary code by supplying a crafted printer name. The issue is consistently described across multiple advisories (SU...

CVE-2014-8166

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name...

CVE-2017-7998

Multiple cross-site scripting XSS vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 printer name when adding a printer in the admin panel or 2 username parameter to webapp/users/userreg.jsp...

CVE-2017-7998

Multiple cross-site scripting XSS vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the 1 printer name when adding a printer in the admin panel or 2 username parameter to webapp/users/userreg.jsp...

Gespage Cross-Site Scripting Vulnerability

Gespage is an application for managing and monitoring printing devices from the French company Gespage. A cross-site scripting vulnerability exists in Gespage. A remote attacker could exploit this vulnerability by adding a printer with a specially crafted name or by injecting arbitrary web script...

Gespage 7.4.8 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications CVE-2017-7998 Gespage stored cross-site-scripting XSS vulnerability Description Gespage is web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent ...

Gespage 7.4.8 Cross Site Scripting

CVE-2017-7998 Gespage stored cross-site-scripting XSS vulnerability Description Gespage is web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing XSS code injection. These...

Gespage 7.4.8 - SQL Injection

Gespage 7.4.8 - SQL Injection CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL cod...

Spoofed Emails from Supposedly Corporate Printer Vendors Install Backdoor

By Waqas Corporate printers and scanners related emails are quite common in This is a post from HackRead.com Read the original post: Spoofed Emails from Supposedly Corporate Printer Vendors Install Backdoor...

December 12, 2017—KB4053581 (OS Build 10240.17709)

December 12, 2017—KB4053581 OS Build 10240.17709 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where users of SQL Server Reporting Services may not be able to use the...