Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for foomatic-filters by linuxfoundation

    CVE-2011-2924 (GCVE-0-2011-2924)

    Vulnerability from nvd – Published: 2019-11-19 21:20 – Updated: 2024-08-06 23:15
    VLAI
    Summary
    foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
    Severity
    No CVSS data available.
    CWE
    • Other
    Assigner
    Impacted products
    Vendor Product Version
    foomatic-filters foomatic-filters Affected: 4.0.12 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:15:31.864Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lwn.net/Articles/459979/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "foomatic-filters",
              "vendor": "foomatic-filters",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.12 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Other",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-19T21:20:16.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lwn.net/Articles/459979/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2924",
        "datePublished": "2019-11-19T21:20:16.000Z",
        "dateReserved": "2011-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:15:31.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2923 (GCVE-0-2011-2923)

    Vulnerability from nvd – Published: 2019-11-19 20:38 – Updated: 2024-08-06 23:15
    VLAI
    Summary
    foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
    Severity
    No CVSS data available.
    CWE
    • UNKNOWN_TYPE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:15:31.690Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2011-2923"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "foomatic-filters",
              "vendor": "foomatic-filters",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "UNKNOWN_TYPE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-19T20:38:08.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2011-2923"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2923",
        "datePublished": "2019-11-19T20:38:08.000Z",
        "dateReserved": "2011-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:15:31.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-5325 (GCVE-0-2010-5325)

    Vulnerability from nvd – Published: 2016-04-15 14:00 – Updated: 2024-08-07 04:17
    VLAI
    Summary
    Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-08-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:17:10.191Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              },
              {
                "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
              },
              {
                "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-08-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-09-30T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            },
            {
              "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
            },
            {
              "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-5325",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
                },
                {
                  "name": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                },
                {
                  "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
                },
                {
                  "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-5325",
        "datePublished": "2016-04-15T14:00:00.000Z",
        "dateReserved": "2016-02-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:17:10.191Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8560 (GCVE-0-2015-8560)

    Vulnerability from nvd – Published: 2016-04-14 14:00 – Updated: 2024-08-06 08:20
    VLAI
    Summary
    Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:20:43.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-3419",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3419"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
              },
              {
                "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "name": "USN-2838-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2838-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
              },
              {
                "name": "DSA-3429",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3429"
              },
              {
                "name": "USN-2838-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2838-2"
              },
              {
                "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-03T18:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-3419",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3419"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
            },
            {
              "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "USN-2838-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2838-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
            },
            {
              "name": "DSA-3429",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3429"
            },
            {
              "name": "USN-2838-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2838-2"
            },
            {
              "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2015-8560",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-3419",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3419"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
                },
                {
                  "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "USN-2838-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2838-1"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
                },
                {
                  "name": "DSA-3429",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3429"
                },
                {
                  "name": "USN-2838-2",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2838-2"
                },
                {
                  "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2015-8560",
        "datePublished": "2016-04-14T14:00:00.000Z",
        "dateReserved": "2015-12-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:20:43.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8327 (GCVE-0-2015-8327)

    Vulnerability from nvd – Published: 2015-12-17 19:00 – Updated: 2024-08-06 08:13
    VLAI
    Summary
    Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-11-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:13:32.694Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-2831-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2831-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "name": "78524",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/78524"
              },
              {
                "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
              },
              {
                "name": "USN-2831-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2831-2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
              },
              {
                "name": "DSA-3429",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3429"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              },
              {
                "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
              },
              {
                "name": "openSUSE-SU-2016:0179",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
              },
              {
                "name": "DSA-3411",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3411"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-11-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-03T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "USN-2831-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2831-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "78524",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/78524"
            },
            {
              "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
            },
            {
              "name": "USN-2831-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2831-2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
            },
            {
              "name": "DSA-3429",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3429"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            },
            {
              "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
            },
            {
              "name": "openSUSE-SU-2016:0179",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
            },
            {
              "name": "DSA-3411",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3411"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-8327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-2831-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2831-1"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "78524",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/78524"
                },
                {
                  "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
                },
                {
                  "name": "USN-2831-2",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2831-2"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
                },
                {
                  "name": "DSA-3429",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3429"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                },
                {
                  "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
                },
                {
                  "name": "openSUSE-SU-2016:0179",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
                },
                {
                  "name": "DSA-3411",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3411"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-8327",
        "datePublished": "2015-12-17T19:00:00.000Z",
        "dateReserved": "2015-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:13:32.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2924 (GCVE-0-2011-2924)

    Vulnerability from cvelistv5 – Published: 2019-11-19 21:20 – Updated: 2024-08-06 23:15
    VLAI
    Summary
    foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
    Severity
    No CVSS data available.
    CWE
    • Other
    Assigner
    Impacted products
    Vendor Product Version
    foomatic-filters foomatic-filters Affected: 4.0.12 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:15:31.864Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2011-2924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://lwn.net/Articles/459979/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "foomatic-filters",
              "vendor": "foomatic-filters",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.12 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Other",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-19T21:20:16.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2011-2924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://lwn.net/Articles/459979/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2924",
        "datePublished": "2019-11-19T21:20:16.000Z",
        "dateReserved": "2011-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:15:31.864Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2923 (GCVE-0-2011-2923)

    Vulnerability from cvelistv5 – Published: 2019-11-19 20:38 – Updated: 2024-08-06 23:15
    VLAI
    Summary
    foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
    Severity
    No CVSS data available.
    CWE
    • UNKNOWN_TYPE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:15:31.690Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-2923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2011-2923"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "foomatic-filters",
              "vendor": "foomatic-filters",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "UNKNOWN_TYPE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-19T20:38:08.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-2923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2011-2923"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-2923",
        "datePublished": "2019-11-19T20:38:08.000Z",
        "dateReserved": "2011-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:15:31.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-5325 (GCVE-0-2010-5325)

    Vulnerability from cvelistv5 – Published: 2016-04-15 14:00 – Updated: 2024-08-07 04:17
    VLAI
    Summary
    Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-08-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:17:10.191Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              },
              {
                "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
              },
              {
                "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-08-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-09-30T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            },
            {
              "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
            },
            {
              "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-5325",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218297"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/foomatic-4.0/foomatic-filters/annotate/head:/ChangeLog"
                },
                {
                  "name": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.linuxfoundation.org/show_bug.cgi?id=515"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                },
                {
                  "name": "[oss-security] 20160215 CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/02/15/1"
                },
                {
                  "name": "[oss-security] 20160215 Re: CVE request: foomatic-rip unhtmlify() buffer overflow vulnerability",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2016/02/15/7"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-5325",
        "datePublished": "2016-04-15T14:00:00.000Z",
        "dateReserved": "2016-02-15T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:17:10.191Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8560 (GCVE-0-2015-8560)

    Vulnerability from cvelistv5 – Published: 2016-04-14 14:00 – Updated: 2024-08-06 08:20
    VLAI
    Summary
    Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:20:43.214Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-3419",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3419"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
              },
              {
                "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "name": "USN-2838-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2838-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
              },
              {
                "name": "DSA-3429",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3429"
              },
              {
                "name": "USN-2838-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2838-2"
              },
              {
                "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-03T18:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "DSA-3419",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3419"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
            },
            {
              "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "USN-2838-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2838-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
            },
            {
              "name": "DSA-3429",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3429"
            },
            {
              "name": "USN-2838-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2838-2"
            },
            {
              "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2015-8560",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-3419",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3419"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419"
                },
                {
                  "name": "[oss-security] 20151214 Re: CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/14/13"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "USN-2838-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2838-1"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
                },
                {
                  "name": "DSA-3429",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3429"
                },
                {
                  "name": "USN-2838-2",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2838-2"
                },
                {
                  "name": "[oss-security] 20151213 CVE Request: Cups Filters/Foomatic Filters: Does not consider semicolon as an illegal shell escape character",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2015/12/13/2"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2015-8560",
        "datePublished": "2016-04-14T14:00:00.000Z",
        "dateReserved": "2015-12-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:20:43.214Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-8327 (GCVE-0-2015-8327)

    Vulnerability from cvelistv5 – Published: 2015-12-17 19:00 – Updated: 2024-08-06 08:13
    VLAI
    Summary
    Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-11-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:13:32.694Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "USN-2831-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2831-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
              },
              {
                "name": "78524",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/78524"
              },
              {
                "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
              },
              {
                "name": "USN-2831-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-2831-2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
              },
              {
                "name": "DSA-3429",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3429"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
              },
              {
                "name": "RHSA-2016:0491",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
              },
              {
                "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
              },
              {
                "name": "openSUSE-SU-2016:0179",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
              },
              {
                "name": "DSA-3411",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2015/dsa-3411"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-11-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-03T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "USN-2831-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2831-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
            },
            {
              "name": "78524",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/78524"
            },
            {
              "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
            },
            {
              "name": "USN-2831-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-2831-2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
            },
            {
              "name": "DSA-3429",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3429"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
            },
            {
              "name": "RHSA-2016:0491",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
            },
            {
              "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
            },
            {
              "name": "openSUSE-SU-2016:0179",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
            },
            {
              "name": "DSA-3411",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2015/dsa-3411"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-8327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "USN-2831-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2831-1"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
                },
                {
                  "name": "78524",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/78524"
                },
                {
                  "name": "[debian-printing] 20151126 cups-filters 1.2.0 released!",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-printing/2015/11/msg00020.html"
                },
                {
                  "name": "USN-2831-2",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-2831-2"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS"
                },
                {
                  "name": "DSA-3429",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3429"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886",
                  "refsource": "CONFIRM",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886"
                },
                {
                  "name": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406",
                  "refsource": "CONFIRM",
                  "url": "http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406"
                },
                {
                  "name": "RHSA-2016:0491",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2016-0491.html"
                },
                {
                  "name": "[debian-printing] 20151201 Re: cups-filters 1.2.0 released!",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-printing/2015/12/msg00001.html"
                },
                {
                  "name": "openSUSE-SU-2016:0179",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html"
                },
                {
                  "name": "DSA-3411",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2015/dsa-3411"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-8327",
        "datePublished": "2015-12-17T19:00:00.000Z",
        "dateReserved": "2015-11-24T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:13:32.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }