CVE-2017-15400

Summary

Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome OS prior to 62.0.3202.74Google Chrome OS prior to 62.0.3202.74affected

Weaknesses

  • Script injection

ADP Enrichment

CVE Program Container

Additional References

References