Fluid Attacks Database

Description

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	foomatic-filters	>=0 <4.0.9-1	4.0.9-1
debian 11	foomatic-filters	>=0 <4.0.9-1	4.0.9-1
debian 12	foomatic-filters	>=0 <4.0.9-1	4.0.9-1
debian 14	foomatic-filters	>=0 <4.0.9-1	4.0.9-1
rpm rhel6	foomatic	<0:4.0.4-1.el6_1.1	0:4.0.4-1.el6_1.1

Aliases

1. CVE-2011-29642. NVD-2011-29643. OSV-DEBIAN-2011-29644. OSV-2011-29645. SECURITY-TRACKER-CVE-2011-2964

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.