4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
cups is vulnerable to information disclosure. The vulnerability exists as an uninitialized memory read issue was found in the CUPS web interface. If an attacker had access to the CUPS web interface, they could use a specially-crafted URL to leverage this flaw to read a limited amount of memory from the cupsd process, possibly obtaining sensitive information.
cups.org/articles.php?L596
cups.org/str.php?L3577
lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
secunia.com/advisories/40220
secunia.com/advisories/43521
security.gentoo.org/glsa/glsa-201207-10.xml
support.apple.com/kb/HT4188
www.debian.org/security/2011/dsa-2176
www.mandriva.com/security/advisories?name=MDVSA-2010:232
www.mandriva.com/security/advisories?name=MDVSA-2010:234
www.redhat.com/security/updates/classification/#important
www.securityfocus.com/bid/40871
www.vupen.com/english/advisories/2010/1481
www.vupen.com/english/advisories/2011/0535
access.redhat.com/errata/RHSA-2010:0490
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723