Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2013-0200
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722..
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 1.9/10
- Exploit Score
- 3.4/10
- Access Vector
- Local
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- None
- Integrity Impact
- Partial
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.6:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.6:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.1:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.3a:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.4b:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.12:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:1.0:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:2.7.10:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:2.0:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.4:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.10:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.9:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.8:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.5:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:*:*:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.3:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.5:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.10:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.2:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.2:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:hp:linux_imaging_and_printing_project:3.11.7:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- https://bugzilla.redhat.com/show_bug.cgi?id=902163
- http://hplipopensource.com/hplip-web/release_notes.html
- ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rp
- http://secunia.com/advisories/55083
- http://www.ubuntu.com/usn/USN-1981-1
- http://www.debian.org/security/2013/dsa-2829
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:088