Back to search
CVE-2010-0540
Published: Jun 17, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
APPLE-SA-2010-06-15-1
vendor-advisory
x_refsource_APPLE
MDVSA-2010:234
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-1481
vdb-entry
x_refsource_VUPEN
http://cups.org/articles.php?L596
x_refsource_CONFIRM
40871
vdb-entry
x_refsource_BID
MDVSA-2010:232
vendor-advisory
x_refsource_MANDRIVA
DSA-2176
vendor-advisory
x_refsource_DEBIAN
http://support.apple.com/kb/HT4188
x_refsource_CONFIRM
GLSA-201207-10
vendor-advisory
x_refsource_GENTOO
ADV-2011-0535
vdb-entry
x_refsource_VUPEN
40220
third-party-advisory
x_refsource_SECUNIA
http://cups.org/str.php?L3498
x_refsource_CONFIRM
MDVSA-2010:233
vendor-advisory
x_refsource_MANDRIVA
oval:org.mitre.oval:def:10382
vdb-entry
signature
x_refsource_OVAL
43521
third-party-advisory
x_refsource_SECUNIA
1024122
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now