Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-5029HistoryJul 29, 2014 - 2:55 p.m.
CVE-2014-5029
2014-07-2914:55:07
Debian Security Bug Tracker
security-tracker.debian.org
19
CVSS2
1.5
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
26.5%
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cups | < 1.7.4-2 | cups_1.7.4-2_all.deb |
| Debian | 11 | all | cups | < 1.7.4-2 | cups_1.7.4-2_all.deb |
| Debian | 999 | all | cups | < 1.7.4-2 | cups_1.7.4-2_all.deb |
| Debian | 13 | all | cups | < 1.7.4-2 | cups_1.7.4-2_all.deb |
Related
nessus
nessus
Fedora 19 : cups-1.6.4-10.fc19 (2014-9703)
2014-10-03 00:00:00
Debian DSA-2990-1 : cups - security update
2014-07-28 00:00:00
SuSE 11.3 Security Update : CUPS (SAT Patch Number 9561)
2014-08-15 00:00:00
cvelist
cvelist
CVE-2014-5029
2014-07-29 14:00:00
CVE-2014-3537
2014-07-23 14:00:00
prion
prion
Code injection
2014-07-29 14:55:00
Design/Logic Flaw
2014-07-23 14:55:00
ubuntucve
ubuntucve
CVE-2014-5029
2014-07-29 00:00:00
CVE-2014-3537
2014-07-17 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:12:22
Information Disclosure
2019-05-02 05:12:22
nvd
nvd
CVE-2014-5029
2014-07-29 14:55:07
CVE-2014-3537
2014-07-23 14:55:05
cve
cve
CVE-2014-5029
2014-07-29 14:55:07
CVE-2014-3537
2014-07-23 14:55:05
fedora
fedora
[SECURITY] Fedora 20 Update: cups-1.7.4-3.fc20
2014-07-30 21:57:02
[SECURITY] Fedora 19 Update: cups-1.6.4-10.fc19
2014-10-03 03:57:17
[SECURITY] Fedora 20 Update: cups-1.7.5-12.fc20
2015-02-20 08:33:22
debian
debian
[SECURITY] [DSA 2990-1] cups security update
2014-07-27 14:18:27
[SECURITY] [DSA 2990-1] cups security update
2014-07-27 14:18:27
[DLA-0022-1] cups security update
2014-07-31 07:47:54
securityvulns
securityvulns
CUPS unauthorized files access
2014-07-28 00:00:00
[SECURITY] [DSA 2990-1] cups security update
2014-07-28 00:00:00
[USN-2293-1] CUPS vulnerability
2014-07-22 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2990-1)
2014-07-26 00:00:00
Fedora Update for cups FEDORA-2014-9703
2014-10-04 00:00:00
Debian: Security Advisory (DLA-0022-1)
2023-03-08 00:00:00
osv
osv
cups - security update
2014-07-31 00:00:00
cups-2.1.3-2.3 on GA media
2024-06-15 00:00:00
mageia
mageia
Updated cups packages fix security vulnerability
2014-08-06 00:08:48
debiancve
debiancve
CVE-2014-3537
2014-07-23 14:55:05
ubuntu
ubuntu
CUPS vulnerability
2014-07-21 00:00:00
CUPS vulnerabilities
2014-09-08 00:00:00
amazon
amazon
Medium: cups
2014-10-28 17:17:00
oraclelinux
oraclelinux
cups security and bug fix update
2014-10-15 00:00:00
redhat
redhat
(RHSA-2014:1388) Moderate: cups security and bug fix update
2014-10-14 00:00:00
centos
centos
cups security update
2014-10-20 18:08:35
CVSS2
1.5
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:N/A:N
EPSS
0.001
Percentile
26.5%
Related for DEBIANCVE:CVE-2014-5029