CVE-2007-5208

Published: Oct 13, 2007Modified: Apr 23, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Affected (2)

Products: Hp: Linux Imaging And Printing Project

1 product

Linux Imaging And Printing Project

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Hp Linux Imaging And Printing Project	Up to 2.7.10
Hp Linux Imaging And Printing Project	Version 1.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (48)

http://bugs.gentoo.org/show_bug.cgi?id=195565

Source: security@ubuntu.com

http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html

Source: security@ubuntu.com

http://qa.mandriva.com/show_bug.cgi?id=30719

Source: security@ubuntu.com

http://secunia.com/advisories/27202

Source: security@ubuntu.com

http://secunia.com/advisories/27221

Source: security@ubuntu.com

http://secunia.com/advisories/27224

Source: security@ubuntu.com

http://secunia.com/advisories/27232

Source: security@ubuntu.com

http://secunia.com/advisories/27271

Source: security@ubuntu.com

http://secunia.com/advisories/27332

Source: security@ubuntu.com

http://secunia.com/advisories/27397

Source: security@ubuntu.com

http://secunia.com/advisories/28453

Source: security@ubuntu.com

http://security.gentoo.org/glsa/glsa-200710-26.xml

Source: security@ubuntu.com

http://www.debian.org/security/2008/dsa-1462

Source: security@ubuntu.com

http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:201

Source: security@ubuntu.com

http://www.redhat.com/support/errata/RHSA-2007-0960.html

Source: security@ubuntu.com

PatchVendor Advisory

http://www.securityfocus.com/bid/26054

Source: security@ubuntu.com

http://www.securitytracker.com/id?1018806

Source: security@ubuntu.com

http://www.vupen.com/english/advisories/2007/3479

Source: security@ubuntu.com

https://bugzilla.redhat.com/show_bug.cgi?id=319921

Source: security@ubuntu.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/37183

Source: security@ubuntu.com

https://launchpad.net/bugs/149121

Source: security@ubuntu.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10692

Source: security@ubuntu.com

https://usn.ubuntu.com/530-1/

Source: security@ubuntu.com

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00200.html

Source: security@ubuntu.com

http://bugs.gentoo.org/show_bug.cgi?id=195565

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://qa.mandriva.com/show_bug.cgi?id=30719

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27202

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27221

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27224

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27232

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27271

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27332

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/27397

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/28453

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200710-26.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2008/dsa-1462

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:201

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2007-0960.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/26054

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1018806

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3479

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=319921

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/37183

Source: af854a3a-2127-422b-91ae-364da2661108

https://launchpad.net/bugs/149121

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10692

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/530-1/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00200.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.