Vulnerability Details : CVE-2009-0122
hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.
Products affected by CVE-2009-0122
- cpe:2.3:a:hp:hplip:2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:hp:hplip:2.7.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0122
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0122
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2009-0122
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2009-0122
-
Red Hat 2009-01-19Not vulnerable. This issue did not affect the versions of hplip as shipped with Red Hat Enterprise Linux 5.
References for CVE-2009-0122
Jump to