CVE-2011-2722

HP Linux Imaging and Printing Project < 3.11.10 - Arbitrary File Write via Symlink Attack on Temporary File

Title source: llm
STIX 2.1

Description

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

References (11)

Core 11
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0133.html
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=704608
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/55083
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1981-1
Issue Tracking x_refsource_confirm
https://bugs.launchpad.net/hplip/+bug/809904
Patch, Vendor Advisory x_refsource_confirm
http://hplipopensource.com/hplip-web/release_notes.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=725830
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201203-17.xml
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/07/26/14
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48441

Scores

EPSS 0.0007
EPSS Percentile 21.3%

Details

CWE
CWE-59
Status published
Products (16)
hp/linux_imaging_and_printing_project 3.9.2
hp/linux_imaging_and_printing_project 3.9.4
hp/linux_imaging_and_printing_project 3.9.4b
hp/linux_imaging_and_printing_project 3.9.6
hp/linux_imaging_and_printing_project 3.9.8
hp/linux_imaging_and_printing_project 3.9.10
hp/linux_imaging_and_printing_project 3.9.12
hp/linux_imaging_and_printing_project 3.10.2
hp/linux_imaging_and_printing_project 3.10.5
hp/linux_imaging_and_printing_project 3.10.6
... and 6 more
Published May 25, 2012
Tracked Since Feb 18, 2026