Lucene search

[email protected]NVD:CVE-2009-0122

HistoryJan 15, 2009 - 5:30 p.m.

CVE-2009-0122

2009-01-1517:30:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.1%

JSON

hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product’s attempt to correct the ownership of its configuration files within home directories.

Affected configurations

Nvd

Node

hphplipMatch2.7.7

hphplipMatch2.8.2

VendorProductVersionCPE
hphplip2.7.7cpe:2.3:a:hp:hplip:2.7.7:*:*:*:*:*:*:*
hphplip2.8.2cpe:2.3:a:hp:hplip:2.8.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	hplip	2.7.7	cpe:2.3:a:hp:hplip:2.7.7:::::::*
hp	hplip	2.8.2	cpe:2.3:a:hp:hplip:2.8.2:::::::*

References

secunia.com/advisories/33539

www.securityfocus.com/bid/33249

www.ubuntu.com/usn/usn-708-1

launchpad.net/bugs/191299

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2009-0122

ubuntu1 cvelist1 redhatcve1 openvas3 nessus1 debiancve1 prion1 cve1 ubuntucve1