NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-47177

Summary	CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution.
Publication Date	Sept. 27, 2024, 7:15 a.m.
Registration Date	Sept. 27, 2024, noon
Last Update	Sept. 30, 2024, 9:46 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47
2	https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8
3	https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5
4	https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6
5	https://www.cups.org
6	https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-77	コマンドインジェクション	https://cwe.mitre.org/data/definitions/77.html