Wind River Support Network

HomeDefectsLIN6-7280

Fixed

LIN6-7280 : Security Advisory - cups - CVE-2014-2856

Created: Apr 29, 2014 Updated: Dec 3, 2018

Resolved Date: May 5, 2014

Found In Version: 6.0.0.7

Fix Version: 6.0.0.7

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2856

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38