← back
CVE-2012-5519

CVE-2012-5519

18Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 2.1%
from disclosure to weapon0 days
Published on NVDNov 20
metasploitNov 20
exploitation probability
2.1%top 20% of all CVEs
observed exploitation
nono source reports it
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
Affected products
n/a · n/a