Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2014-06-22	CVE-2014-4338	Permissions, Privileges, and Access Controls vulnerability in Linuxfoundation Cups-Filters cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses. network high complexity linuxfoundation CWE-264	4.0
2014-06-22	CVE-2014-4337	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linuxfoundation Cups-Filters The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data. network linuxfoundation CWE-119	4.3
2014-06-22	CVE-2014-4336	Command Injection vulnerability in Linuxfoundation Cups-Filters The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. low complexity linuxfoundation CWE-77	5.8
2014-03-14	CVE-2013-6476	Permissions, Privileges, and Access Controls vulnerability in multiple products The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file. local canonical debian fedoraproject linuxfoundation CWE-264	4.4
2014-03-14	CVE-2013-6475	Numeric Errors vulnerability in multiple products Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow. network canonical debian fedoraproject linuxfoundation CWE-189	6.8
2014-03-14	CVE-2013-6474	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file. network linuxfoundation canonical debian fedoraproject CWE-119	6.8
2014-03-14	CVE-2013-6473	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file. network canonical linuxfoundation CWE-119	6.8