1
PublicDateAtUSN: 2015-06-09
2
Candidate: CVE-2015-1158
6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1158
7
http://www.kb.cert.org/vuls/id/810572
8
https://usn.ubuntu.com/usn/usn-2629-1
10
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3
11
performs incorrect free operations for multiple-value
12
job-originating-host-name attributes, which allows remote attackers to
13
trigger data corruption for reference-counted strings via a crafted (1)
14
IPP_CREATE_JOB or (2) IPP_PRINT_JOB request, as demonstrated by replacing
15
the configuration file and consequently executing arbitrary code.
19
https://www.cups.org/str.php?L4609
25
upstream_cups: needs-triage
26
precise_cups: released (1.5.3-0ubuntu8.7)
27
trusty_cups: released (1.7.2-0ubuntu1.6)
28
utopic_cups: released (1.7.5-3ubuntu3.2)
29
vivid_cups: released (2.0.2-1ubuntu3.1)
30
devel_cups: released (2.0.2-3ubuntu1)
31
vivid/stable-phone-overlay_cups: released (2.0.2-1ubuntu3.1)
32
vivid/ubuntu-core_cups: DNE