Remote Information Disclosure in CUPS Web Interface by Apple
CVE-2014-5031

Currently unrated

Key Information:

Vendor: Apple
Status: Cups
Vendor: CVE Published:; 29 July 2014

What is CVE-2014-5031?

The CUPS web interface prior to version 2.0 is susceptible to a vulnerability that fails to enforce world-readable permissions on files. This flaw enables remote attackers to gain access to sensitive information through various unspecified methods, potentially compromising system integrity and user privacy.

References

https://cups.org/str.php?L4455

x_refsource_CONFIRM

http://www.ubuntu.com/usn/USN-2341-1

vendor-advisoryx_refsource_UBUNTU

http://www.openwall.com/lists/oss-security/2014/07/22/13

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2014
Vulnerability Reserved
Jul 22, 2014