CVE-2013-6476

Name of the Vulnerable Software and Affected Versions cups-filters versions prior to 1.0.47 cups-filters versions prior to 1.0.53

Description The issue allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file, specifically through the OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters. Multiple vulnerabilities in the cups-filters package may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations For versions prior to 1.0.47, update to version 1.0.47 or later. For versions prior to 1.0.53, update to version 1.0.53 or later. As a temporary workaround, consider restricting access to the pdftoopvp filter until a patch is available.