CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-0839

HIGH
8.1
CVSS Severity Score
EPSS Score0.1910%
EPSS Percentile37.89th
Published2017年8月2日
Last Modified2026年5月13日

Vulnerability Description

The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads.

Affected Platforms (CPE)

📦
Hp

Linux Imaging And Printing

<= 3.17.7

References & Advisories

🔗 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162442.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162880.html
🔗 http://www.openwall.com/lists/oss-security/2015/05/29/2
🔗 http://www.securityfocus.com/bid/74913
🔗 http://www.ubuntu.com/usn/USN-2699-1
🔗 https://bugs.launchpad.net/hplip/+bug/1432516
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1227252
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162442.html

関連する脆弱性情報

CVE-2007-52087.6

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers t...

CVE-2010-42677.5

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) ...

CVE-2008-29407.2

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-m...

CVE-2009-01226.9

hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of ar...