Skip to main content
CVE-2014-4336 MEDIUM PATCH This Month

The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Cups Filters
NVD
CVSS 2.0
5.8
EPSS
0.5%
CVE-2014-4337 MEDIUM PATCH This Month

The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Cups Filters
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2014-4338 MEDIUM This Month

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cups Filters
NVD
CVSS 2.0
4.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy