{"id":"DEBIAN-CVE-2014-8166","details":"The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.","modified":"2026-04-28T20:13:39.834713Z","published":"2018-01-12T17:29:00.507Z","upstream":["CVE-2014-8166"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2014-8166"}],"affected":[{"package":{"name":"cups","ecosystem":"Debian:11","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.3.3op2-3+deb11u1","2.3.3op2-3+deb11u10","2.3.3op2-3+deb11u2","2.3.3op2-3+deb11u3","2.3.3op2-3+deb11u4","2.3.3op2-3+deb11u5","2.3.3op2-3+deb11u6","2.3.3op2-3+deb11u7","2.3.3op2-3+deb11u8","2.3.3op2-3+deb11u9","2.3.3op2-4","2.3.3op2-5","2.3.3op2-6","2.3.3op2-7","2.4.10-1","2.4.10-2","2.4.10-3","2.4.10-4","2.4.14-1","2.4.15-1","2.4.16-1","2.4.17-1","2.4.18-1","2.4.1op1-1","2.4.1op1-2","2.4.2-1","2.4.2-2","2.4.2-3","2.4.2-4","2.4.2-5","2.4.2-6","2.4.7-1","2.4.7-1.1","2.4.7-1.2","2.4.7-2","2.4.7-3"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8166.json"}},{"package":{"name":"cups","ecosystem":"Debian:12","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.10-1","2.4.10-2","2.4.10-3","2.4.10-4","2.4.14-1","2.4.15-1","2.4.16-1","2.4.17-1","2.4.18-1","2.4.2-3","2.4.2-3+deb12u1","2.4.2-3+deb12u2","2.4.2-3+deb12u3","2.4.2-3+deb12u4","2.4.2-3+deb12u5","2.4.2-3+deb12u6","2.4.2-3+deb12u7","2.4.2-3+deb12u8","2.4.2-3+deb12u9","2.4.2-4","2.4.2-5","2.4.2-6","2.4.7-1","2.4.7-1.1","2.4.7-1.2","2.4.7-2","2.4.7-3"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8166.json"}},{"package":{"name":"cups","ecosystem":"Debian:13","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.10-3","2.4.10-3+deb13u1","2.4.10-3+deb13u2","2.4.10-4","2.4.14-1","2.4.15-1","2.4.16-1","2.4.17-1","2.4.18-1"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8166.json"}},{"package":{"name":"cups","ecosystem":"Debian:14","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.10-3","2.4.10-4","2.4.14-1","2.4.15-1","2.4.16-1","2.4.17-1","2.4.18-1"],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8166.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}