CVE-2010-2431

CWE-599 documents8 sources

Severity

2.6LOW

EPSS

0.1%

top 81.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Cups

Timeline

PublishedJun 22

Latest updateMay 17

Description

The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.

CVSS vector

AV:L/AC:H/C:N/I:P/A:PExploitability: 1.9 | Impact: 4.9

Affected Packages2 packages

▶Debiancups< 1.4.4-1+3

▶NVDapple/cups1.4.3+61

Patches

Patch: cups.org ↗Patch: cups.org ↗

🔴Vulnerability Details

GHSA

GHSA-q362-8vfv-xw4c: The cupsFileOpen function in CUPS before 1↗2022-05-17

▶

CVEList

CVE-2010-2431: The cupsFileOpen function in CUPS before 1↗2010-06-22

▶

OSV

CVE-2010-2431: The cupsFileOpen function in CUPS before 1↗2010-06-22

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)↗2015-08-21

▶

📋Vendor Advisories

Red Hat

cups: latent privilege escalation vulnerability↗2010-06-15

▶

Debian

CVE-2010-2431: cups - The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group...↗2010

▶

💬Community

Bugzilla

CVE-2010-2431 cups: latent privilege escalation vulnerability↗2010-06-17

▶

Bugzilla

CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 cups various flaws [fedora-all]↗2010-06-17

▶