Ubuntu Update For Cups-filters USN-2143-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Florian Weimer discovered that cups-filters incorrectly handled memory in the urftopdf filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. This issue only affected Ubuntu 13.10. (CVE-2013-6473) Florian Weimer discovered that cups-filters incorrectly handled memory in the pdftoopvp filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. (CVE-2013-6474, CVE-2013-6475) Florian Weimer discovered that cups-filters did not restrict driver directories in in the pdftoopvp filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. (CVE-2013-6476)

Affected

cups-filters on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-March/002437.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6473, CVE-2013-6474, CVE-2013-6475, CVE-2013-6476
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for cups-filters USN-2143-1

Take action and discover your vulnerabilities