Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4510

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4510
Last Modified 05 Dec 2013 12:17:57
Published 19 Nov 2012 07:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4510

Summary

cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS resources.

Vulnerable Systems

Application

  • Cups-pk-helper Project Cups-pk-helper 0.0.1

  • Cups-pk-helper Project Cups-pk-helper 0.0.2

  • Cups-pk-helper Project Cups-pk-helper 0.0.3

  • Cups-pk-helper Project Cups-pk-helper 0.0.4

  • Cups-pk-helper Project Cups-pk-helper 0.1.0

  • Cups-pk-helper Project Cups-pk-helper 0.1.1

  • Cups-pk-helper Project Cups-pk-helper 0.1.2

  • Cups-pk-helper Project Cups-pk-helper 0.1.3

  • Cups-pk-helper Project Cups-pk-helper 0.2.0

  • Cups-pk-helper Project Cups-pk-helper 0.2.1

  • Cups-pk-helper Project Cups-pk-helper 0.2.2


References

MLIST - [oss-security] 20121012 Security flaw in cups-pk-helper (CVE-2012-4510)

DEBIAN - DSA-2562

MANDRIVA - MDVSA-2013:069


Last Updated: 27 May 2016 10:58:29