CVE-2015-8560
HIGH7.3EPSS 9.3%cups-filters - security update
發布日:2016/4/14修改日:2026/4/28
描述
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
受影響套件(4)
- Debian/cups-filtersfrom 0, < 1.4.0-1
- Debian/cups-filtersfrom 0, < 1.0.61-5+deb8u3
- Debian/foomatic-filtersfrom 0, < 4.0.17-7
- Debian/foomatic-filtersfrom 0, < 4.0.5-6+squeeze2+deb6u12
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |