Symlink Vulnerability in HP Linux Imaging and Printing by HP
CVE-2013-6402

Currently unrated

Key Information:

Vendor: HP
Status: Linux Imaging And Printing Project
Vendor: CVE Published:; 5 January 2014

Summary

A symlink vulnerability exists in HP Linux Imaging and Printing (HPLIP) versions up to 3.13.11 that allows local users to create a symbolic link in the /tmp directory, potentially overwriting arbitrary files. This can lead to unauthorized modification of sensitive files, posing a significant security risk. Users are advised to upgrade to the latest version of HPLIP to mitigate this risk.

References

http://www.ubuntu.com/usn/USN-2085-1

vendor-advisoryx_refsource_UBUNTU

https://bugzilla.novell.com/show_bug.cgi?id=852368

x_refsource_CONFIRM

https://security-tracker.debian.org/tracker/CVE-2013-6402

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 5, 2014
Vulnerability Reserved
Nov 4, 2013