Stack-based Buffer Overflow in Hewlett-Packard Linux Imaging and Printing
CVE-2010-4267

Currently unrated

Key Information:

Vendor: HP
Status: Linux Imaging And Printing Project
Vendor: CVE Published:; 20 January 2011

Summary

A stack-based buffer overflow exists in the hpmud_get_pml function within the io/hpmud/pml.c file of Hewlett-Packard Linux Imaging and Printing (HPLIP). This vulnerability allows remote attackers to send a specially crafted SNMP response with a large length value, leading to a potential denial of service by causing application crashes and possibly enabling arbitrary code execution on affected systems. It is essential for administrators and users to ensure they are running the most secure version of HPLIP to mitigate this issue.

References

http://secunia.com/advisories/42956

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/43068

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/70498

vdb-entryx_refsource_OSVDB

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 20, 2011
Vulnerability Reserved
Nov 16, 2010