Vulnerability CVE-2013-6476: Information

Description

The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.

Severity: MEDIUM (4.4)

URL: https://nvd.nist.gov/vuln/detail/CVE-2013-6476
Published: March 14, 2014
Modified: March 17, 2014
Error type identifier: CWE-264

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
cups-filterssisyphus1.0.47-alt12.0.0-alt1ALT-PU-2014-1278-1116264Fixed
cups-filtersp101.0.47-alt11.28.11-alt2ALT-PU-2014-1278-1116264Fixed
cups-filtersp91.0.47-alt11.28.8-alt2ALT-PU-2014-1278-1116264Fixed
cups-filtersc10f11.0.47-alt11.28.11-alt2ALT-PU-2014-1278-1116264Fixed
cups-filtersc9f21.0.47-alt11.28.8-alt2ALT-PU-2014-1278-1116264Fixed
cups-filtersc71.0.54-alt2.M70P.21.0.54-alt3.M70C.3ALT-PU-2014-2034-1128160Fixed
cups-filtersp111.0.47-alt12.0.0-alt1ALT-PU-2014-1278-1116264Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
DSA-2875
    USN-2144-1
      http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7176
      • Patch
      USN-2143-1
        https://bugzilla.redhat.com/show_bug.cgi?id=1027551
          DSA-2876

              1. Configuration 1

                cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
                cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
                cpe:2.3:o:fedoraproject:fedora:*:*:*:*:*:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

                Configuration 2

                cpe:2.3:a:linuxfoundation:cups-filters:1.0:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.35:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.15:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.14:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.11:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.30:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.32:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.16:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.24:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.13:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.37:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.25:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.26:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.4:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.23:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.34:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.31:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.18:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.1:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.22:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.9:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.33:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.3:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.27:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.28:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.41:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.6:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.21:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.7:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.17:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.10:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.19:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.38:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.36:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.2:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.40:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.29:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.8:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.12:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.20:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:*:*:*:*:*:*:*:*
                End including
                1.0.46
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.5:*:*:*:*:*:*:*
                cpe:2.3:a:linuxfoundation:cups-filters:1.0.39:*:*:*:*:*:*:*
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.5.3
            Back to top