Remote Code Execution Vulnerability in HP Linux Imaging and Printing
CVE-2011-2697

Currently unrated

Key Information:

Vendor: HP
Status: Linux Imaging And Printing Project
Vendor: CVE Published:; 29 July 2011

What is CVE-2011-2697?

HP Linux Imaging and Printing (HPLIP) version 3.11.5 contains a vulnerability in the foomatic-rip-hplip component that can be exploited by remote attackers. By crafting a malicious *FoomaticRIPCommandLine field within a .ppd file, an attacker can execute arbitrary code on the affected system once the compromised file is processed, potentially leading to unauthorized access and control over the device.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.openwall.com/lists/oss-security/2011/07/18/3

mailing-listx_refsource_MLIST

https://exchange.xforce.ibmcloud.com/vulnerabilities/68993

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2011
Vulnerability Reserved
Jul 11, 2011