CVE-2014-2707
Published: 17 April 2014
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
Notes
Author | Note |
---|---|
jdstrand | 1.0.51 was an incomplete fix. |
mdeslaur | CVE number pending for incomplete fix. |
Priority
Status
Package | Release | Status |
---|---|---|
cups-filters Launchpad, Ubuntu, Debian |
upstream |
Released
(1.0.53)
|
lucid |
Does not exist
|
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
|
|
saucy |
Not vulnerable
(1.0.40-0ubuntu1.1)
|
|
trusty |
Does not exist
(trusty was released [1.0.52-0ubuntu1.1])
|
|
Patches: upstream: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194 |