CVE-2012-4510

Published Nov 20, 2012

Last updated 11 years ago

Overview

Description: cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D47BA3F7-6CBC-4F27-9328-616D28633167",
            "versionEndIncluding": "0.2.2"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EE62B0C-B4E2-4389-861F-8ACCAAE246DB"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83572DA5-8545-4E52-B871-70FA5F14104D"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "345E9742-16E9-46D7-A47D-3DD8C0E9D7DF"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F188997-C3C6-4171-A152-B5A336C7E0F4"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D823D13-A6CA-4F2C-9265-3DF56D9EC352"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBBAFB6C-3A80-4A4B-82BE-5014B93BC85A"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E00CDE1F-0E65-4C06-9303-277C0F1DE117"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E476C56E-C43C-4AFC-AD6F-BB6723F183DA"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0EE45D7-99BE-4D62-8C91-DCA304C72716"
          },
          {
            "criteria": "cpe:2.3:a:cups-pk-helper_project:cups-pk-helper:0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D142AAA-7B13-4DAD-BA70-86AA0C2B46AB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References