CVE-2011-2697

Published: Jul 29, 2011Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file.

Affected (1)

Products: Hp: Linux Imaging And Printing Project

1 product

Linux Imaging And Printing Project

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Linux Imaging And Printing Project	Version 3.11.5

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (20)

http://security.gentoo.org/glsa/glsa-201203-07.xml

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:125

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/07/13/3

Source: secalert@redhat.com

ExploitPatch

http://www.openwall.com/lists/oss-security/2011/07/18/3

Source: secalert@redhat.com

ExploitPatch

http://www.openwall.com/lists/oss-security/2011/07/28/1

Source: secalert@redhat.com

ExploitPatch

http://www.ubuntu.com/usn/USN-1194-1

Source: secalert@redhat.com

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Source: secalert@redhat.com

https://bugzilla.novell.com/show_bug.cgi?id=698451

Source: secalert@redhat.com

ExploitPatch

https://bugzilla.redhat.com/show_bug.cgi?id=721001

Source: secalert@redhat.com

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68993

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-201203-07.xml