7.2
CVE-2008-2940
- EPSS 0.43%
- Veröffentlicht 14.08.2008 20:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:47
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Linux Imaging And Printing Project Version1.6.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.43% | 0.345 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://secunia.com/advisories/32316
http://secunia.com/advisories/31470
http://secunia.com/advisories/31499
http://secunia.com/advisories/32792
http://securitytracker.com/id?1020684
http://www.mandriva.com/security/advisories?name=MDVSA-2008:169
http://www.redhat.com/support/errata/RHSA-2008-0818.html
http://www.securityfocus.com/bid/30683
http://www.ubuntu.com/usn/USN-674-1
http://www.ubuntu.com/usn/USN-674-2
https://bugzilla.redhat.com/show_bug.cgi?id=455235
https://exchange.xforce.ibmcloud.com/vulnerabilities/44441
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10136