Vulnerability in Linuxfoundation Cups-filters
CVE-2013-6476
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
EPSS: 0.003 (54.0th percentile) — read the EPSS interpretation.
Affected products
- Linuxfoundation Cups-filters — versions 1.0, 1.0.1, 1.0.2
- Canonical Ubuntu_linux — versions 10.04, 12.04, 12.10
- Debian Debian_linux
- Fedoraproject Fedora
- N/a — versions n/a
Weakness classification (CWE)
References
- USN-2144-1 (x_refsource_UBUNTU, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- DSA-2876 (vendor-advisory, x_refsource_DEBIAN)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- USN-2143-1 (x_refsource_UBUNTU, vendor-advisory)
- DSA-2875 (vendor-advisory, x_refsource_DEBIAN)