What is CVE-2010-0393?

CVE-2010-0393 is a vulnerability in Apple Cups, classified under CWE-264. Published 2010-03-05.

Is CVE-2010-0393 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Cups

CVE-2010-0393

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileg…

EPSS: 0.001 (23.8th percentile) — read the EPSS interpretation.

Affected products

Apple Cups — versions 1.2.2, 1.3.7, 1.3.9
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

APPLE-SA-2010-03-29-1 (vendor-advisory, x_refsource_APPLE)
GLSA-201207-10 (vendor-advisory, x_refsource_GENTOO)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)
MDVSA-2010:072 (vendor-advisory, x_refsource_MANDRIVA)
MDVSA-2010:073 (vendor-advisory, x_refsource_MANDRIVA)
38524 (vdb-entry, x_refsource_BID)
USN-906-1 (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2010-0393?: CVE-2010-0393 is a vulnerability in Apple Cups, classified under CWE-264. Published 2010-03-05.
Is CVE-2010-0393 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.