CVE-2007-5208

Currently unrated

Key Information:

Vendor: HP
Status: Linux Imaging And Printing Project
Vendor: CVE Published:; 13 October 2007

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 65%

Summary

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2007-5208
Created by Rapid7

References

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

http://www.vupen.com/english/advisories/2007/3479

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/27271

third-party-advisoryx_refsource_SECUNIA

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Feb 15, 2010
👾
Exploit known to exist
Feb 15, 2010
Vulnerability published
Oct 13, 2007
Vulnerability Reserved
Oct 4, 2007