{"id":"CVE-2014-4336","details":"The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.","modified":"2026-01-27T04:12:47.800734Z","published":"2014-06-22T21:55:03Z","withdrawn":"2026-01-27T04:12:47.800734Z","related":["MGASA-2014-0267","openSUSE-SU-2024:10313-1"],"references":[{"type":"FIX","url":"http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194"},{"type":"FIX","url":"http://openwall.com/lists/oss-security/2014/04/25/7"},{"type":"ADVISORY","url":"http://openwall.com/lists/oss-security/2014/06/19/12"}],"schema_version":"1.7.3"}