Information Disclosure

2020-04-1000:44:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

JSON

cups is vulnerable to information disclosure. The vulnerability exists as an uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially-crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information.

CPENameOperatorVersion
cupseq1.2.4__11.18.el5_2.1
cupseq1.2.4__11.5.1.el5
cupseq1.2.4__11.14.el5
cupseq1.3.7__11.el5_4.5
cupseq1.1.22__0.rc1.9.27.el4_7.1
cupseq1.3.7__8.el5
cupseq1.2.4__11.14.el5_1.4
cupseq1.3.7__11.el5_4.6
cupseq1.2.4__11.14.el5_1.6
cupseq1.2.4__11.18.el5_2.2

Name	Operator	Version
cups	eq	1.2.4__11.18.el5_2.1
cups	eq	1.2.4__11.5.1.el5
cups	eq	1.2.4__11.14.el5
cups	eq	1.3.7__11.el5_4.5
cups	eq	1.1.22__0.rc1.9.27.el4_7.1
cups	eq	1.3.7__8.el5
cups	eq	1.2.4__11.14.el5_1.4
cups	eq	1.3.7__11.el5_4.6
cups	eq	1.2.4__11.14.el5_1.6
cups	eq	1.2.4__11.18.el5_2.2