Lucene search
UbuntuUSN-2629-1HistoryJun 10, 2015 - 12:00 a.m.
CUPS vulnerabilities
2015-06-1000:00:00
ubuntu.com
36
5.8 Medium
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.933 High
EPSS
Percentile
99.1%
Releases
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- cups - Common UNIX Printing System™
Details
It was discovered that CUPS incorrectly handled reference counting when
handling localized strings. A remote attacker could use this issue to
escalate permissions, upload a replacement CUPS configuration file, and
execute arbitrary code. (CVE-2015-1158)
It was discovered that the CUPS templating engine contained a cross-site
scripting issue. A remote attacker could use this issue to bypass default
configuration settings. (CVE-2015-1159)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.04 | noarch | cups | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-bsd | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-bsd-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-client | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-client-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-common | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-core-drivers | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-core-drivers-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-daemon | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-daemon-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Related
nessus
nessus
GLSA-201510-07 : CUPS: Multiple vulnerabilities
2015-11-02 00:00:00
FreeBSD : cups -- multiple vulnerabilities (a40ec970-0efa-11e5-90e4-d050996490d0)
2015-06-10 00:00:00
Fedora 22 : cups-2.0.3-1.fc22 (2015-9726)
2015-06-22 00:00:00
f5
f5
SOL16794 - CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
K16794 : CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: cups-2.0.3-1.fc22
2015-06-21 00:21:04
[SECURITY] Fedora 21 Update: cups-1.7.5-17.fc21
2015-06-21 00:36:00
debian
debian
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:24:48
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:24:48
[SECURITY] [DLA 239-1] cups security update
2015-06-09 10:27:06
googleprojectzero
googleprojectzero
Owning Internet Printing - A Case Study in Modern Software Exploitation
2015-06-19 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-239-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3283-1)
2015-06-08 00:00:00
Ubuntu: Security Advisory (USN-2629-1)
2015-06-11 00:00:00
securityvulns
securityvulns
[USN-2629-1] CUPS vulnerabilities
2015-06-14 00:00:00
CUPS security vulnerabilities
2015-06-14 00:00:00
osv
osv
cups - security update
2015-06-09 00:00:00
cups - security update
2015-06-09 00:00:00
freebsd
freebsd
cups -- multiple vulnerabilities
2015-06-09 00:00:00
exploitpack
exploitpack
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
CUPS 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
archlinux
archlinux
cups: multiple issues
2015-06-10 00:00:00
packetstorm
packetstorm
CUPS XSS / String Handling / Improper Teardown
2015-06-22 00:00:00
CUPS Remote Code Execution
2017-02-03 00:00:00
cert
cert
mageia
mageia
Updated cups package fixes security vulnerabilities
2015-06-19 16:33:05
gentoo
gentoo
CUPS: Multiple vulnerabilities
2015-10-31 00:00:00
exploitdb
exploitdb
CUPS < 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
CUPS < 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
oraclelinux
oraclelinux
cups security update
2015-06-17 00:00:00
ibm
ibm
suse
suse
Security update for cups154 (critical)
2015-06-11 20:06:22
Security update for cups (critical)
2015-06-11 17:05:04
Security update for cups (critical)
2015-06-12 21:05:05
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:17:51
Denial Of Service (DoS)
2019-05-02 05:17:51
centos
centos
cups security update
2015-06-18 11:29:43
redhat
redhat
(RHSA-2015:1123) Important: cups security update
2015-06-17 00:00:00
amazon
amazon
Medium: cups
2015-07-07 12:34:00
debiancve
debiancve
CVE-2015-1159
2015-06-26 10:59:00
CVE-2015-1158
2015-06-26 10:59:00
cve
cve
CVE-2015-1159
2015-06-26 10:59:00
CVE-2015-1158
2015-06-26 10:59:00
prion
prion
Cross site scripting
2015-06-26 10:59:00
Design/Logic Flaw
2015-06-26 10:59:00
ubuntucve
ubuntucve
CVE-2015-1159
2015-06-09 00:00:00
CVE-2015-1158
2015-06-09 00:00:00
zdt
zdt
CUPS 2.0.3 - Remote Command Execution Exploit
2017-02-03 00:00:00
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-23 00:00:00
slackware
slackware
[slackware-security] cups
2015-07-08 00:00:21
checkpoint_advisories
checkpoint_advisories
Apple CUPS cupsd Privilege Escalation (CVE-2015-1158)
2015-07-05 00:00:00
5.8 Medium
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.933 High
EPSS
Percentile
99.1%
Related for USN-2629-1