CVE-2014-2707

Published Apr 17, 2014

Last updated 3 months ago

CVSS info 8.3

Overview

Description: cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.3
Impact score: 10
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BF5B05C-7C56-4FB1-821D-5A919E56C823"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68650F82-F655-4008-85EF-E86C02D9944D"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23CA8354-40A7-4E01-AA8A-8200A34EA2BD"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26EA706E-DE8C-404F-BE45-99E0E8C1D0BF"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC53B1B4-00F9-48B3-903F-D49F1E66668D"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41CAF5A3-CE18-424C-B1F5-B3B2763CE600"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98BACC25-D2CB-4347-BE7A-6A1238363C77"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53A4BE56-B7DD-494C-A770-3ED6C682D3AD"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E062716-0141-4625-AA6F-FA560E49C100"
          },
          {
            "criteria": "cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A90DE61-E53B-487E-86A8-33C0E027F956"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References