CVE Database · CVE-2010-2431
CVSS v3.1
N/A
EPSS
0.36%
Published
Jun 22, 2010
Modified
Apr 28, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.
Weaknesses (CWE)
Affected Products (84)
References (20)
...and 34 more
