CVE-2014-2707

Priority
High
Description
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP
printers to execute arbitrary commands via shell metacharacters in the (1)
model or (2) PDL, related to "System V interface scripts generated for
queues."
References
Bugs
Notes
 jdstrand> 1.0.51 was an incomplete fix.
 mdeslaur> CVE number pending for incomplete fix.
Package
Upstream:released (1.0.53)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):released (1.0.52-0ubuntu1.1)
Patches:
Upstream:http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:42:32 UTC (commit 9756)