Local Privilege Escalation in CUPS by Apple and Other Vendors
CVE-2010-0393

Currently unrated

Key Information:

Vendor

Apple
Status
Cups
Vendor
CVE Published:
5 March 2010

What is CVE-2010-0393?

The vulnerability arises from the _cupsGetlang function in the lppasswd component of CUPS, which incorrectly relies on an environment variable to determine the source of localized message strings. This flaw permits local users to execute malicious files containing tailored localization data with format string specifiers. As a result, attackers can potentially escalate their privileges within the affected environment, leading to unauthorized access and manipulation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.cups.org/str.php?L3482
x_refsource_MISC
http://www.ubuntu.com/usn/USN-906-1
vendor-advisoryx_refsource_UBUNTU
http://www.securityfocus.com/bid/38524
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.