Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mac OS X CUPS跨站脚本攻击漏洞
Vulnerability Description
Mac OS X是苹果家族机器所使用的操作系统。 基于Apple Mac OS X 10.6.2之前版本及其他平台的CUPS 1.4.2之前版本的web界面不能正确处理HTTP头和HTML模板。远程攻击者可借助与产品web界面,打印系统配置和打印作业标题有关的向量执行跨站脚本攻击和HTTP响应拆分攻击。
CVSS Information
N/A
Vulnerability Type
N/A