Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-0393

Опубликовано: 05 мар. 2010
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.9

Описание

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

РелизСтатусПримечание
dapper

DNE

devel

released

1.4.2-10
hardy

DNE

intrepid

released

1.3.9-2ubuntu9.5
jaunty

released

1.3.9-17ubuntu3.6
karmic

released

1.4.1-5ubuntu2.4
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.2.2-0ubuntu0.6.06.17
devel

DNE

hardy

released

1.3.7-1ubuntu3.8
intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 24%
0.0008
Низкий

6.9 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-0393

redhat
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

nvd логотип

CVE-2010-0393

nvd
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

debian логотип

CVE-2010-0393

debian
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1 ...

github логотип

GHSA-6j26-qg9p-xqqm

github
больше 3 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

fstec логотип

BDU:2015-03348

fstec
больше 10 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 24%
0.0008
Низкий

6.9 Medium

CVSS2