CVE-2014-2707
cups-filters 1.0.41-1.0.51 - Remote Code Execution via IPP Printer Model or PDL
Title source: llmDescription
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/57530
Various Sources x_refsource_confirm
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7188#NEWS
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131485.html
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q2/13
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2210-1
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1083326
Scores
EPSS
0.0134
EPSS Percentile
80.2%
Details
CWE
CWE-78
Status
published
Products (10)
linuxfoundation/cups-filters
1.0.41
linuxfoundation/cups-filters
1.0.42
linuxfoundation/cups-filters
1.0.43
linuxfoundation/cups-filters
1.0.44
linuxfoundation/cups-filters
1.0.45
linuxfoundation/cups-filters
1.0.46
linuxfoundation/cups-filters
1.0.47
linuxfoundation/cups-filters
1.0.48
linuxfoundation/cups-filters
1.0.49
linuxfoundation/cups-filters
1.0.50
Published
Apr 17, 2014
Tracked Since
Feb 18, 2026