VIR Vulnerability Intelligence Relay

CVE-2014-2707

high
Published 2014-04-17 · Modified 2026-05-06
CVSS v3
CVSS v2
8.3
VIR risk
8.3

Description

cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-2707

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://secunia.com/advisories/57530

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed1.0.51-1
debian debianbullseyefixed1.0.51-1
debian debianforkyfixed1.0.51-1
debian debiansidfixed1.0.51-1
debian debiantrixiefixed1.0.51-1

Application impact
VendorProductVersionsFixed
linuxfoundationcups-filters1.0.41
linuxfoundationcups-filters1.0.42
linuxfoundationcups-filters1.0.43
linuxfoundationcups-filters1.0.44
linuxfoundationcups-filters1.0.45
linuxfoundationcups-filters1.0.46
linuxfoundationcups-filters1.0.47
linuxfoundationcups-filters1.0.48
linuxfoundationcups-filters1.0.49
linuxfoundationcups-filters1.0.50

References

CWEs

CWE-78

Verify integrity in audit chain (admin only). AS-IS.