CVE-2010-4267 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:P/I:P/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Affected Products (NVD)

Vendor	Product	Version
hp	linux_imaging_and_printing_project	1.6.7
hp	linux_imaging_and_printing_project	3.9.8
hp	linux_imaging_and_printing_project	3.10.9

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

hplip

bookworm	3.22.10+dfsg0-2 fixed
bullseye	3.21.2+dfsg1-2 fixed
sid	3.22.10+dfsg0-5.1 fixed

Ubuntu Releases

Ubuntu Product

Codename

hplip

dapper	not-affected
hardy	Fixed 2.8.2-0ubuntu8.2 released
karmic	Fixed 3.9.8-1ubuntu2.1 released
lucid	Fixed 3.10.2-2ubuntu2.2 released
maverick	Fixed 3.10.6-1ubuntu10.2 released

openSUSE / SLES Releases

openSUSE Product

Release

hplip

suse enterprise sap 12 SP5	3.16.11-1.33 fixed
suse enterprise server 12	3.14.6-3.5 fixed
suse enterprise server 12 SP2	3.14.6-3.5 fixed
suse enterprise server 12 SP3	3.16.11-1.33 fixed
suse enterprise server 12 SP4	3.16.11-1.33 fixed
suse enterprise server 12 SP5	3.16.11-1.33 fixed

hplip-devel

suse enterprise desktop 15	3.17.9-3.38 fixed
suse enterprise sap 15	3.17.9-3.38 fixed
suse enterprise server 15	3.17.9-3.38 fixed

hplip-hpijs

suse enterprise desktop 15	3.17.9-3.38 fixed
suse enterprise sap 12 SP5	3.16.11-1.33 fixed
suse enterprise sap 15	3.17.9-3.38 fixed
suse enterprise server 12	3.14.6-3.5 fixed
suse enterprise server 12 SP2	3.14.6-3.5 fixed
suse enterprise server 12 SP3	3.16.11-1.33 fixed
suse enterprise server 12 SP4	3.16.11-1.33 fixed
suse enterprise server 12 SP5	3.16.11-1.33 fixed
suse enterprise server 15	3.17.9-3.38 fixed

hplip-sane

suse enterprise desktop 15	3.17.9-3.38 fixed
suse enterprise sap 12 SP5	3.16.11-1.33 fixed
suse enterprise sap 15	3.17.9-3.38 fixed
suse enterprise server 12	3.14.6-3.5 fixed
suse enterprise server 12 SP2	3.14.6-3.5 fixed
suse enterprise server 12 SP3	3.16.11-1.33 fixed
suse enterprise server 12 SP4	3.16.11-1.33 fixed
suse enterprise server 12 SP5	3.16.11-1.33 fixed
suse enterprise server 15	3.17.9-3.38 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

hpijs

RHEL 6

1:3.9.8-33.el6_0.1

fixed

hplip

RHEL 6

0:3.9.8-33.el6_0.1

fixed

hplip-common

RHEL 6

0:3.9.8-33.el6_0.1

fixed

hplip-gui

RHEL 6

0:3.9.8-33.el6_0.1

fixed

hplip-libs

RHEL 6

0:3.9.8-33.el6_0.1

fixed

libsane-hpaio

RHEL 6

0:3.9.8-33.el6_0.1

fixed

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053472.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053474.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

http://osvdb.org/70498

http://secunia.com/advisories/42939

http://secunia.com/advisories/42956

http://secunia.com/advisories/43022

http://secunia.com/advisories/43068

http://secunia.com/advisories/43083

http://secunia.com/advisories/43102

http://secunia.com/advisories/48441

http://security.gentoo.org/glsa/glsa-201203-17.xml

http://www.debian.org/security/2011/dsa-2152

http://www.mandriva.com/security/advisories?name=MDVSA-2011:013

http://www.redhat.com/support/errata/RHSA-2011-0154.html

http://www.securityfocus.com/bid/45833

http://www.securitytracker.com/id?1024967

http://www.ubuntu.com/usn/USN-1051-1

http://www.vupen.com/english/advisories/2011/0136

http://www.vupen.com/english/advisories/2011/0160

http://www.vupen.com/english/advisories/2011/0211

http://www.vupen.com/english/advisories/2011/0212

http://www.vupen.com/english/advisories/2011/0228

http://www.vupen.com/english/advisories/2011/0243

https://bugzilla.redhat.com/attachment.cgi?id=468455&action=diff

https://bugzilla.redhat.com/show_bug.cgi?id=662740

https://exchange.xforce.ibmcloud.com/vulnerabilities/64738

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053472.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053474.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

http://osvdb.org/70498

http://secunia.com/advisories/42939

http://secunia.com/advisories/42956

http://secunia.com/advisories/43022

http://secunia.com/advisories/43068

http://secunia.com/advisories/43083

http://secunia.com/advisories/43102

http://secunia.com/advisories/48441

http://security.gentoo.org/glsa/glsa-201203-17.xml

http://www.debian.org/security/2011/dsa-2152

http://www.mandriva.com/security/advisories?name=MDVSA-2011:013

http://www.redhat.com/support/errata/RHSA-2011-0154.html

http://www.securityfocus.com/bid/45833

http://www.securitytracker.com/id?1024967

http://www.ubuntu.com/usn/USN-1051-1

http://www.vupen.com/english/advisories/2011/0136

http://www.vupen.com/english/advisories/2011/0160

http://www.vupen.com/english/advisories/2011/0211

http://www.vupen.com/english/advisories/2011/0212

http://www.vupen.com/english/advisories/2011/0228

http://www.vupen.com/english/advisories/2011/0243

https://bugzilla.redhat.com/attachment.cgi?id=468455&action=diff

https://bugzilla.redhat.com/show_bug.cgi?id=662740

https://exchange.xforce.ibmcloud.com/vulnerabilities/64738