The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtains sensitive information via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cups | Apple | * | 1.7.4 (including) |
Cups | Apple | 1.7-rc1 (including) | 1.7-rc1 (including) |
Cups | Apple | 1.7.0 (including) | 1.7.0 (including) |
Cups | Apple | 1.7.1 (including) | 1.7.1 (including) |
Cups | Apple | 1.7.1-b1 (including) | 1.7.1-b1 (including) |
Cups | Apple | 1.7.2 (including) | 1.7.2 (including) |
Cups | Apple | 1.7.3 (including) | 1.7.3 (including) |