PT-2011-1139 · Openprinting+1 · Foomatic+1

Published: 2011-07-29 · Updated: 2017-08-29 · CVE-2011-2964

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Foomatic versions prior to 4.0.9
Foomatic version 4.0.6
Foomatic version 4.0.4

Description

The issue allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. Exploitation of the vulnerability may lead to disruption of confidentiality, integrity, and availability of protected information. The exploitation can be carried out remotely.

Recommendations

For Foomatic versions prior to 4.0.9, update to version 4.0.9 or later.
For Foomatic version 4.0.6, update to version 4.0.9 or later.
For Foomatic version 4.0.4, update to version 4.0.9 or later.
As a temporary workaround, consider restricting access to the foomaticrip.c file and the *FoomaticRIPCommandLine field in .ppd files until a patch is available.

Exploit

Fix

RCE

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2015-07199
BDU:2015-07200
BDU:2015-09438
CVE-2011-2964
DSA-2380-1
RHSA-2011:1110
RHSA-2011_1110

Affected Products

Foomatic
Red Hat