7.2

CVE-2012-5519

Exploit
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleCups Version1.4.4
   AppleCups Version1.4.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.13% 0.795
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
http://support.apple.com/kb/HT5784
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791
Exploit
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html
http://rhn.redhat.com/errata/RHSA-2013-0580.html
http://www.openwall.com/lists/oss-security/2012/11/10/5
http://www.openwall.com/lists/oss-security/2012/11/11/2
http://www.openwall.com/lists/oss-security/2012/11/11/5
http://www.securityfocus.com/bid/56494
http://www.ubuntu.com/usn/USN-1654-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/80012