CVE-2014-5031

The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
applecups
𝑥
≤ 1.7.4
applecups
1.7:rc1
applecups
1.7.0
applecups
1.7.1
applecups
1.7.1:b1
applecups
1.7.2
applecups
1.7.3
canonicalubuntu_linux
10.04
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
cups
bookworm
2.4.2-3+deb12u7
fixed
bookworm (security)
2.4.2-3+deb12u8
fixed
bullseye
2.3.3op2-3+deb11u8
fixed
bullseye (security)
2.3.3op2-3+deb11u9
fixed
sid
2.4.10-2
fixed
trixie
2.4.10-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cups
lucid
Fixed 1.4.3-1ubuntu1.13
released
precise
Fixed 1.5.3-0ubuntu8.5
released
trusty
Fixed 1.7.2-0ubuntu1.2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cups
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 12 SP5
1.7.5-20.23.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 12 SP5
1.7.5-20.23.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
cups-client
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 12 SP5
1.7.5-20.23.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 12 SP5
1.7.5-20.23.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
cups-config
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
cups-devel
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
cups-libs
suse enterprise sap 12 SP5
1.7.5-20.23.1
fixed
suse enterprise server 12 SP5
1.7.5-20.23.1
fixed
cups-libs-32bit
suse enterprise sap 12 SP5
1.7.5-20.23.1
fixed
suse enterprise server 12 SP5
1.7.5-20.23.1
fixed
cups154
suse enterprise sap 12
1.5.4-2.5
fixed
suse enterprise sap 12 SP3
1.5.4-2.5
fixed
suse enterprise sap 12 SP4
1.5.4-2.5
fixed
suse enterprise sap 12 SP5
1.5.4-2.5
fixed
suse enterprise server 12
1.5.4-2.5
fixed
suse enterprise server 12 SP3
1.5.4-2.5
fixed
suse enterprise server 12 SP4
1.5.4-2.5
fixed
suse enterprise server 12 SP5
1.5.4-2.5
fixed
cups154-client
suse enterprise sap 12
1.5.4-2.5
fixed
suse enterprise sap 12 SP3
1.5.4-2.5
fixed
suse enterprise sap 12 SP4
1.5.4-2.5
fixed
suse enterprise sap 12 SP5
1.5.4-2.5
fixed
suse enterprise server 12
1.5.4-2.5
fixed
suse enterprise server 12 SP3
1.5.4-2.5
fixed
suse enterprise server 12 SP4
1.5.4-2.5
fixed
suse enterprise server 12 SP5
1.5.4-2.5
fixed
cups154-filters
suse enterprise sap 12
1.5.4-2.5
fixed
suse enterprise sap 12 SP3
1.5.4-2.5
fixed
suse enterprise sap 12 SP4
1.5.4-2.5
fixed
suse enterprise sap 12 SP5
1.5.4-2.5
fixed
suse enterprise server 12
1.5.4-2.5
fixed
suse enterprise server 12 SP3
1.5.4-2.5
fixed
suse enterprise server 12 SP4
1.5.4-2.5
fixed
suse enterprise server 12 SP5
1.5.4-2.5
fixed
cups154-libs
suse enterprise sap 12
1.5.4-2.5
fixed
suse enterprise sap 12 SP3
1.5.4-2.5
fixed
suse enterprise sap 12 SP4
1.5.4-2.5
fixed
suse enterprise sap 12 SP5
1.5.4-2.5
fixed
suse enterprise server 12
1.5.4-2.5
fixed
suse enterprise server 12 SP3
1.5.4-2.5
fixed
suse enterprise server 12 SP4
1.5.4-2.5
fixed
suse enterprise server 12 SP5
1.5.4-2.5
fixed
libcups2
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
libcups2-32bit
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
libcupscgi1
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
libcupsimage2
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
libcupsmime1
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
libcupsppdc1
suse enterprise desktop 15
2.2.7-1.24
fixed
suse enterprise desktop 15 SP1
2.2.7-3.11.7
fixed
suse enterprise desktop 15 SP2
2.2.7-3.17.1
fixed
suse enterprise desktop 15 SP3
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP4
2.2.7-3.26.1
fixed
suse enterprise desktop 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise desktop 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise desktop 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise sap 15
2.2.7-1.24
fixed
suse enterprise sap 15 SP1
2.2.7-3.11.7
fixed
suse enterprise sap 15 SP2
2.2.7-3.17.1
fixed
suse enterprise sap 15 SP3
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP4
2.2.7-3.26.1
fixed
suse enterprise sap 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise sap 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise sap 15 SP7
2.2.7-150000.3.65.1
fixed
suse enterprise server 15
2.2.7-1.24
fixed
suse enterprise server 15 SP1
2.2.7-3.11.7
fixed
suse enterprise server 15 SP2
2.2.7-3.17.1
fixed
suse enterprise server 15 SP3
2.2.7-3.26.1
fixed
suse enterprise server 15 SP4
2.2.7-3.26.1
fixed
suse enterprise server 15 SP5
2.2.7-150000.3.40.1
fixed
suse enterprise server 15 SP6
2.2.7-150000.3.54.1
fixed
suse enterprise server 15 SP7
2.2.7-150000.3.65.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
cups
RHEL 6
1:1.4.2-67.el6
fixed
RHEL 7
1:1.6.3-17.el7
fixed
cups-client
RHEL 7
1:1.6.3-17.el7
fixed
cups-devel
RHEL 6
1:1.4.2-67.el6
fixed
RHEL 7
1:1.6.3-17.el7
fixed
cups-filesystem
RHEL 7
1:1.6.3-17.el7
fixed
cups-ipptool
RHEL 7
1:1.6.3-17.el7
fixed
cups-libs
RHEL 6
1:1.4.2-67.el6
fixed
RHEL 7
1:1.6.3-17.el7
fixed
cups-lpd
RHEL 6
1:1.4.2-67.el6
fixed
RHEL 7
1:1.6.3-17.el7
fixed
cups-php
RHEL 6
1:1.4.2-67.el6
fixed
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2014-0313.html
http://rhn.redhat.com/errata/RHSA-2014-1388.html
http://secunia.com/advisories/60509
http://secunia.com/advisories/60787
http://www.debian.org/security/2014/dsa-2990
http://www.mandriva.com/security/advisories?name=MDVSA-2015:108
http://www.openwall.com/lists/oss-security/2014/07/22/13
http://www.openwall.com/lists/oss-security/2014/07/22/2
http://www.ubuntu.com/usn/USN-2341-1
https://cups.org/str.php?L4455
http://advisories.mageia.org/MGASA-2014-0313.html
http://rhn.redhat.com/errata/RHSA-2014-1388.html
http://secunia.com/advisories/60509
http://secunia.com/advisories/60787
http://www.debian.org/security/2014/dsa-2990
http://www.mandriva.com/security/advisories?name=MDVSA-2015:108
http://www.openwall.com/lists/oss-security/2014/07/22/13
http://www.openwall.com/lists/oss-security/2014/07/22/2
http://www.ubuntu.com/usn/USN-2341-1
https://cups.org/str.php?L4455