The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-03-24T17:00:00
Updated: 2016-12-23T18:57:01
Reserved: 2015-03-09T00:00:00
Link: CVE-2015-2265
JSON object: View
NVD Information
Status : Modified
Published: 2015-03-24T17:59:09.727
Modified: 2016-12-28T02:59:07.323
Link: CVE-2015-2265
JSON object: View
Redhat Information
No data.
CWE