Loads files to memory for later printing. when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC
An attacker can obtain a client's public host key during a connection attempt and use it to open and authenticate an SSH session to another server with the same access rights as the victim.