← Back

CVE-2013-4325

nvd nist
Published: Sep 23, 2013Modified: Apr 29, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process.

Affected (35)

Hp
1 product
Linux Imaging And Printing Project
Configuration A
35 vulnerable
Vulnerable SoftwareAffected Versions
Hp
Linux Imaging And Printing Project
Version 1.0
Linux Imaging And Printing Project
Version 2.0
Linux Imaging And Printing Project
Version 2.7.10
Linux Imaging And Printing Project
Version 3.10.2
Linux Imaging And Printing Project
Version 3.10.5
Linux Imaging And Printing Project
Version 3.10.6
Linux Imaging And Printing Project
Version 3.10.9
Linux Imaging And Printing Project
Version 3.11.10
Linux Imaging And Printing Project
Version 3.11.1
Linux Imaging And Printing Project
Version 3.11.3
Linux Imaging And Printing Project
Version 3.11.3a
Linux Imaging And Printing Project
Version 3.11.5
Linux Imaging And Printing Project
Version 3.11.7
Linux Imaging And Printing Project
Version 3.12.10
Linux Imaging And Printing Project
Version 3.12.10 a
Linux Imaging And Printing Project
Version 3.12.11
Linux Imaging And Printing Project
Version 3.12.2
Linux Imaging And Printing Project
Version 3.12.4
Linux Imaging And Printing Project
Version 3.12.6
Linux Imaging And Printing Project
Version 3.12.9
Linux Imaging And Printing Project
Version 3.13.2
Linux Imaging And Printing Project
Version 3.13.3
Linux Imaging And Printing Project
Version 3.13.4
Linux Imaging And Printing Project
Version 3.13.5
Linux Imaging And Printing Project
Version 3.13.6
Linux Imaging And Printing Project
Version 3.13.7
Linux Imaging And Printing Project
Version 3.13.8
Linux Imaging And Printing Project
Version 3.13.9
Linux Imaging And Printing Project
Version 3.9.10
Linux Imaging And Printing Project
Version 3.9.12
Linux Imaging And Printing Project
Version 3.9.2
Linux Imaging And Printing Project
Version 3.9.4
Linux Imaging And Printing Project
Version 3.9.4b
Linux Imaging And Printing Project
Version 3.9.6
Linux Imaging And Printing Project
Version 3.9.8

Related CWEs

CWE-264
CWE-264

References (14)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.