CVE-2011-2722 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-2722 PUBLISHED CVSS 1.2000000476837158 LOW

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

EPSS 0.07% · 21.3th percentile

Risk Scores

CVSS v2.0

1.2000000476837158

EPSS Score

0.07%

21.3th percentile

Affected Products

Vendor	Product	Versions
hp	linux_imaging_and_printing_project	3.11.7, 0, 3.9.2
n/a	n/a	n/a

Timeline

May 25, 2012 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

https://bugzilla.novell.com/show_bug.cgi?id=704608 url
55083 third-party-advisory
USN-1981-1 vendor-advisory
RHSA-2013:0133 vendor-advisory
https://bugs.launchpad.net/hplip/+bug/809904 url
https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff url
http://hplipopensource.com/hplip-web/release_notes.html url
https://bugzilla.redhat.com/show_bug.cgi?id=725830 url
GLSA-201203-17 vendor-advisory
[oss-security] 20110726 Re: CVE request: hplip: insecure tmp file handling mailing-list
48441 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2011-2722 advisory
https://access.redhat.com/errata/RHSA-2013:0133 url
https://access.redhat.com/errata/RHSA-2013:0500 url
https://access.redhat.com/security/cve/CVE-2011-2722 url

Open in Interactive Console →