ID CVE-2015-8327
Summary Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job. <a href="https://cwe.mitre.org/data/definitions/184.html">CWE-184: Incomplete Blacklist</a>
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.17:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.71:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.72:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.72:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.73:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.73:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.74:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.74:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.75:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.75:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.0.76:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.0.76:*:*:*:*:*:*:*
  • cpe:2.3:a:linuxfoundation:cups-filters:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:linuxfoundation:cups-filters:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2016:0491
rpms
  • foomatic-0:4.0.4-5.el6_7
  • foomatic-debuginfo-0:4.0.4-5.el6_7
refmap via4
bid 78524
confirm
debian
  • DSA-3411
  • DSA-3429
mlist
  • [debian-printing] 20151126 cups-filters 1.2.0 released!
  • [debian-printing] 20151201 Re: cups-filters 1.2.0 released!
suse openSUSE-SU-2016:0179
ubuntu
  • USN-2831-1
  • USN-2831-2
Last major update 30-10-2018 - 16:27
Published 17-12-2015 - 19:59
Last modified 30-10-2018 - 16:27
Back to Top