Home > Vulnerability Database > CVE-2008-2940

Mend Vulnerability Database

CVE-2008-2940

Good to know:

Date: August 14, 2008

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.

Severity Score

8.4

Related Resources (5)

Url: http://www.ubuntu.com/usn/USN-674-1

Url: http://secunia.com/advisories/32792

Url: http://secunia.com/advisories/31470

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-2940

Url: https://www.mend.io/vulnerability-database/CVE-2008-2940

Severity Score

8.4

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

Top Fix

Upgrade Version

CVSS v3.1

Base Score:	8.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend Vulnerability Database

We found results for “”

CVE-2008-2940

Good to know:

Date: August 14, 2008

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?