CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.0%
It was discovered that CUPS incorrectly handled reference counting when
handling localized strings. A remote attacker could use this issue to
escalate permissions, upload a replacement CUPS configuration file, and
execute arbitrary code. (CVE-2015-1158)
It was discovered that the CUPS templating engine contained a cross-site
scripting issue. A remote attacker could use this issue to bypass default
configuration settings. (CVE-2015-1159)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 15.04 | noarch | cups | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-bsd | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-bsd-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-client | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-client-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-common | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-core-drivers | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-core-drivers-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-daemon | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Ubuntu | 15.04 | noarch | cups-daemon-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |