DISPUTED An issue in Sane 1.2.1 allows a local attacker to execute
arbitrary code via a crafted file to the sanei_configure_attach() function.
NOTE: this is disputed because there is no expectation that the product
should be starting with an attacker-controlled configuration file.
Author | Note |
---|---|
Priority reason: disputed, no scenario where an attacker controls the configuration file |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | sane-backends | < any | UNKNOWN |
ubuntu | 20.04 | noarch | sane-backends | < any | UNKNOWN |
ubuntu | 22.04 | noarch | sane-backends | < any | UNKNOWN |
ubuntu | 24.04 | noarch | sane-backends | < any | UNKNOWN |
ubuntu | 16.04 | noarch | sane-backends | < any | UNKNOWN |