7.2

CVE-2008-2940

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.345
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/32316
http://secunia.com/advisories/31470
http://secunia.com/advisories/31499
http://secunia.com/advisories/32792
http://securitytracker.com/id?1020684
http://www.mandriva.com/security/advisories?name=MDVSA-2008:169
http://www.redhat.com/support/errata/RHSA-2008-0818.html
http://www.securityfocus.com/bid/30683
http://www.ubuntu.com/usn/USN-674-1
http://www.ubuntu.com/usn/USN-674-2
https://bugzilla.redhat.com/show_bug.cgi?id=455235
https://exchange.xforce.ibmcloud.com/vulnerabilities/44441
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10136