CVE-2010-0393

CWE-264 | 8 documents | 8 sources
Severity: 6.9 MEDIUM
EPSS: 0.1% (top 76.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Mar 5
Latest update: May 2

Description

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

CVSS vector

AV:L/AC:M/C:C/I:C/A:C
Exploitability: 3.4 | Impact: 10.0

Affected Packages (2 packages)

Debian: cups < 1.4.2-9.1 (+3)
NVD: apple/cups, 4 versions (+3)

🔴 Vulnerability Details (3)

GHSA
GHSA-6j26-qg9p-xqqm: The _cupsGetlang function, as used by lppasswd (2022-05-02)
CVEList
CVE-2010-0393: The _cupsGetlang function, as used by lppasswd (2010-03-05)
OSV
CVE-2010-0393: The _cupsGetlang function, as used by lppasswd (2010-03-05)

📋 Vendor Advisories (3)

Ubuntu
CUPS vulnerabilities (2010-03-03)
Red Hat
: cups possible arbitrary code execution via suid lppasswd (STR #3482) (2010-03-03)
Debian
CVE-2010-0393: cups - The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.... (2010)

💬 Community (1)

Bugzilla
CVE-2010-0393: cups possible arbitrary code execution via suid lppasswd (STR #3482) (2010-01-25)