13 matches found
SUSE CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language0 set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537...
cups: Incomplete fix for CVE-2014-3537
It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...
cups: Incomplete fix for CVE-2014-3537
It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...
cups: insufficient checking leads to privilege escalation
It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system...
CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language0 set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537...
CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language0 set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537...
CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language0 set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537...
UBUNTU-CVE-2014-5029
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language0 set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537...
DEBIAN-CVE-2014-3537
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/...
Design/Logic Flaw
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/...
CVE-2014-3537
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/...
DEBIAN-CVE-2011-0727
GNOME Display Manager gdm 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a 1 dmrc or 2 face icon file under /var/cache/gdm/...
CVE-2005-1065
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory...