CVE-2011-2722

Published: May 25, 2012Modified: Apr 29, 2026

1.2

Vector

AV:L/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 1.9 / Impact: 2.9

Source: NVD

Description

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

Affected (16)

Products: Hp: Linux Imaging And Printing Project

1 product

Linux Imaging And Printing Project

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Hp Linux Imaging And Printing Project	Up to 3.11.5
Hp Linux Imaging And Printing Project	Version 3.10.2
Hp Linux Imaging And Printing Project	Version 3.10.5
Hp Linux Imaging And Printing Project	Version 3.10.6
Hp Linux Imaging And Printing Project	Version 3.10.9
Hp Linux Imaging And Printing Project	Version 3.11.1
Hp Linux Imaging And Printing Project	Version 3.11.3
Hp Linux Imaging And Printing Project	Version 3.11.3a
Hp Linux Imaging And Printing Project	Version 3.11.7
Hp Linux Imaging And Printing Project	Version 3.9.10
Hp Linux Imaging And Printing Project	Version 3.9.12
Hp Linux Imaging And Printing Project	Version 3.9.2
Hp Linux Imaging And Printing Project	Version 3.9.4
Hp Linux Imaging And Printing Project	Version 3.9.4b
Hp Linux Imaging And Printing Project	Version 3.9.6
Hp Linux Imaging And Printing Project	Version 3.9.8

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (22)

http://hplipopensource.com/hplip-web/release_notes.html

Source: secalert@redhat.com

PatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0133.html

Source: secalert@redhat.com

http://secunia.com/advisories/48441

Source: secalert@redhat.com

http://secunia.com/advisories/55083

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-201203-17.xml

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/07/26/14

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1981-1

Source: secalert@redhat.com

https://bugs.launchpad.net/hplip/+bug/809904

Source: secalert@redhat.com

https://bugzilla.novell.com/show_bug.cgi?id=704608

Source: secalert@redhat.com

https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=725830

Source: secalert@redhat.com

http://hplipopensource.com/hplip-web/release_notes.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0133.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48441

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/55083

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201203-17.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2011/07/26/14

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1981-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugs.launchpad.net/hplip/+bug/809904

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.novell.com/show_bug.cgi?id=704608

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/attachment.cgi?id=515866&action=diff

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=725830

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.