CVE-2013-6476
EPSS 0.30%
Description
The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
How to fix CVE-2013-6476
To remediate CVE-2013-6476, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.5.0-16 or later
- Debian/cups-filters—upgrade to 1.0.47-1 or later
Is CVE-2013-6476 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.5.0-16
- from 0, < 1.0.47-1