CVE-2014-5030
EPSS 0.05%
Description
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py.
How to fix CVE-2014-5030
To remediate CVE-2014-5030, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.7.4-2 or later
Is CVE-2014-5030 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.7.4-2