Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3537HistoryJul 23, 2014 - 2:55 p.m.
CVE-2014-3537
2014-07-2314:55:05
Debian Security Bug Tracker
security-tracker.debian.org
15
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
26.5%
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.7.4-1 | cups_1.7.4-1_all.deb |
| Debian | 11 | all | cups | < 1.7.4-1 | cups_1.7.4-1_all.deb |
| Debian | 999 | all | cups | < 1.7.4-1 | cups_1.7.4-1_all.deb |
| Debian | 13 | all | cups | < 1.7.4-1 | cups_1.7.4-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2014-07-23 14:55:00
Code injection
2014-07-29 14:55:00
nvd
nvd
CVE-2014-3537
2014-07-23 14:55:05
CVE-2014-5029
2014-07-29 14:55:07
nessus
nessus
CUPS 1.7.x < 1.7.4 'get_file' Function Symlink Handling Info Disclosure
2014-07-31 00:00:00
Fedora 20 : cups-1.7.4-1.fc20 (2014-8351)
2014-07-21 00:00:00
Ubuntu 14.04 LTS : CUPS vulnerability (USN-2293-1)
2014-07-22 00:00:00
cvelist
cvelist
CVE-2014-3537
2014-07-23 14:00:00
CVE-2014-5029
2014-07-29 14:00:00
openvas
openvas
Fedora Update for cups FEDORA-2014-8351
2014-07-21 00:00:00
Ubuntu: Security Advisory (USN-2293-1)
2014-07-28 00:00:00
Debian Security Advisory DSA 2990-1 (cups - security update)
2014-07-27 00:00:00
securityvulns
securityvulns
[USN-2293-1] CUPS vulnerability
2014-07-22 00:00:00
CUPS unauthorized files access
2014-07-28 00:00:00
[SECURITY] [DSA 2990-1] cups security update
2014-07-28 00:00:00
ubuntu
ubuntu
CUPS vulnerability
2014-07-21 00:00:00
cve
cve
CVE-2014-3537
2014-07-23 14:55:05
CVE-2014-5029
2014-07-29 14:55:07
veracode
veracode
Information Disclosure
2019-05-02 05:12:22
Information Disclosure
2019-05-02 05:12:22
ubuntucve
ubuntucve
CVE-2014-3537
2014-07-17 00:00:00
CVE-2014-5029
2014-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: cups-1.7.4-1.fc20
2014-07-19 06:00:32
[SECURITY] Fedora 19 Update: cups-1.6.4-10.fc19
2014-10-03 03:57:17
[SECURITY] Fedora 20 Update: cups-1.7.4-3.fc20
2014-07-30 21:57:02
debiancve
debiancve
CVE-2014-5029
2014-07-29 14:55:07
debian
debian
[SECURITY] [DSA 2990-1] cups security update
2014-07-27 14:18:27
[SECURITY] [DSA 2990-1] cups security update
2014-07-27 14:18:27
[DLA-0022-1] cups security update
2014-07-31 07:47:54
osv
osv
cups - security update
2014-07-31 00:00:00
cups-2.1.3-2.3 on GA media
2024-06-15 00:00:00
mageia
mageia
Updated cups packages fix security vulnerability
2014-08-06 00:08:48
amazon
amazon
Medium: cups
2014-10-28 17:17:00
oraclelinux
oraclelinux
cups security and bug fix update
2014-10-15 00:00:00
redhat
redhat
(RHSA-2014:1388) Moderate: cups security and bug fix update
2014-10-14 00:00:00
centos
centos
cups security update
2014-10-20 18:08:35
CVSS2
1.2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
EPSS
0.001
Percentile
26.5%
Related for DEBIANCVE:CVE-2014-3537