PT-2011-1139 · Openprinting+1 · Foomatic+1
Published: 2011-07-29 · Updated: 2017-08-29
CVE-2011-2964
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Foomatic versions prior to 4.0.9
Foomatic version 4.0.6
Foomatic version 4.0.4
Description
The issue allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. Exploitation of this vulnerability may compromise the confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely.
Recommendations
For Foomatic versions prior to 4.0.9, update to version 4.0.9 or later.
For Foomatic version 4.0.6, update to version 4.0.9 or later.
For Foomatic version 4.0.4, update to version 4.0.9 or later.
As a temporary workaround, consider restricting access to the foomaticrip.c file and the *FoomaticRIPCommandLine field in .ppd files until a patch is available.
Exploit
Fix
RCE
Code Injection
Related identifiers
Affected products
Foomatic
Red Hat