cbcvebase.
CVE-2011-2722
published 2012-05-25

CVE-2011-2722: The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite…

PriorityP49low1.2CVSS 2.0
AVLACHAuNCNIPAN
EPSS
0.44%
35.4th percentile
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.

Affected

25 ranges
VendorProductVersion rangeFixed in
debianhplip< hplip 3.12.6-3.1 (bookworm)hplip 3.12.6-3.1 (bookworm)
debianhplip< hplip 3.11.10-1 (bookworm)hplip 3.11.10-1 (bookworm)
hplinux_imaging_and_printing_project<= 3.12.4
hplinux_imaging_and_printing_project<= 3.11.5
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
hplinux_imaging_and_printing_project
redhatenterprise_linux

CVSS provenance

nvdv2.01.2LOWAV:L/AC:H/Au:N/C:N/I:P/A:N
osv1.2LOW
vendor_debian1.2LOW
vendor_redhat1.2LOW
vendor_ubuntu1.2LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.