CVE-2010-0540
published 2010-06-17CVE-2010-0540: Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and…
medium6CVSS 3.1
AVNACMAuSCPIPAP
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | cups | >= 0 < 1.4.4-1 | 1.4.4-1 |
| apple | cups | >= 0 < 1.4.4-1 | 1.4.4-1 |
| apple | cups | >= 0 < 1.4.4-1 | 1.4.4-1 |
| apple | cups | >= 0 < 1.4.4-1 | 1.4.4-1 |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| debian | cups | < cups 1.4.4-1 (bookworm) | cups 1.4.4-1 (bookworm) |
CVSS provenance
nvd6.0MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:P
osv6.0MEDIUM