Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0200

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2013-0200
Last Modified 06 Feb 2014 11:44:34
Published 06 Mar 2013 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0200

Summary

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 6

Application

  • Hp Linux Imaging And Printing Project 1.0

  • Hp Linux Imaging And Printing Project 2.0

  • Hp Linux Imaging And Printing Project 2.7.10

  • Hp Linux Imaging And Printing Project 3.10.2

  • Hp Linux Imaging And Printing Project 3.10.5

  • Hp Linux Imaging And Printing Project 3.10.6

  • Hp Linux Imaging And Printing Project 3.10.9

  • Hp Linux Imaging And Printing Project 3.11.1

  • Hp Linux Imaging And Printing Project 3.11.10

  • Hp Linux Imaging And Printing Project 3.11.3

  • Hp Linux Imaging And Printing Project 3.11.3a

  • Hp Linux Imaging And Printing Project 3.11.5

  • Hp Linux Imaging And Printing Project 3.11.7

  • Hp Linux Imaging And Printing Project 3.12.4

  • Hp Linux Imaging And Printing Project 3.9.10

  • Hp Linux Imaging And Printing Project 3.9.12

  • Hp Linux Imaging And Printing Project 3.9.2

  • Hp Linux Imaging And Printing Project 3.9.4

  • Hp Linux Imaging And Printing Project 3.9.4b

  • Hp Linux Imaging And Printing Project 3.9.6

  • Hp Linux Imaging And Printing Project 3.9.8


References

CONFIRM - ftp://ftp.scientificlinux.org/linux/scientific/6x/SRPMS/vendor/hplip-3.12.4-4.el6.src.rpm

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=902163

MISC - http://hplipopensource.com/hplip-web/release_notes.html

UBUNTU - USN-1981-1

SECUNIA - 55083

DEBIAN - DSA-2829

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0072

MANDRIVA - MDVSA-2013:088


Last Updated: 27 May 2016 10:56:41