BDU:2016-00006

Уязвимость фильтра печати Foomatic и операционной системы Ubuntu, позволяющая нарушителю выполнить произвольные команды

Severity: HIGH (7.5)

References:

Published: 2015-12-17
Modified: 2024-11-21

CVE-2015-8327

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.

Severity: HIGH (7.5)

References:

Published: 2016-04-14
Modified: 2024-11-21

CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.

Severity: HIGH (7.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References:

Package sqlite3 updated to version 3.13.0-alt1 for branch sisyphus in task 166168.

Published: 2016-09-26
Modified: 2024-11-21

CVE-2016-6153

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.

Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References:

Version: 2.1.0

Branch sisyphus update on 2016-06-21

ALT-BU-2016-2844-1

ALT-PU-2016-1627-1

Closed vulnerabilities

BDU:2016-00006

CVE-2015-8327

CVE-2015-8560

ALT-PU-2016-1628-1

Closed vulnerabilities

CVE-2016-6153