Lucene search

[email protected]CVE-2009-0122

HistoryJan 15, 2009 - 5:30 p.m.

CVE-2009-0122

2009-01-1517:30:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2009-0122

hplip

ubuntu

local users

file ownership

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product’s attempt to correct the ownership of its configuration files within home directories.

Affected configurations

NVD

Node

hphplipMatch2.7.7

hphplipMatch2.8.2

CPENameOperatorVersion
hp:hpliphp hplipeq2.7.7
hp:hpliphp hplipeq2.8.2

CPE	Name	Operator	Version
hp:hplip	hp hplip	eq	2.7.7
hp:hplip	hp hplip	eq	2.8.2

References

secunia.com/advisories/33539

www.securityfocus.com/bid/33249

www.ubuntu.com/usn/usn-708-1

launchpad.net/bugs/191299

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2009-0122

prion1 nvd1 openvas3 nessus1 ubuntucve1 ubuntu1 redhatcve1 cvelist1 debiancve1