Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327. <a href"http://cwe.mitre.org/data/definitions/184.html">CWE-184: Incomplete Blacklist</a>
Publication date: Thu, 14 Apr 2016 19:59:00 +0000