Your submission was sent successfully! Close

CVE-2010-0540

Published: 17 June 2010

Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.

Priority

Medium

Status

Package Release Status
cups
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.4)
cupsys
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.4)