CVE-2009-0122

EUVD-2009-0131
hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
hphplip
2.7.7
hphplip
2.8.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
hplip
bookworm
3.22.10+dfsg0-2
fixed
bullseye
3.21.2+dfsg1-2
fixed
sid
3.22.10+dfsg0-5.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
hplip
dapper
not-affected
gutsy
Fixed 2.7.7.dfsg.1-0ubuntu5.3
released
hardy
not-affected
intrepid
not-affected
Common Weakness Enumeration
References
http://secunia.com/advisories/33539
http://www.securityfocus.com/bid/33249
http://www.ubuntu.com/usn/usn-708-1
https://launchpad.net/bugs/191299
http://secunia.com/advisories/33539
http://www.securityfocus.com/bid/33249
http://www.ubuntu.com/usn/usn-708-1
https://launchpad.net/bugs/191299