CVE-2012-6108
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
15/02/2014
Last modified:
11/04/2025
Description
HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operations.
Impact
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:hp:linux_imaging_and_printing_project:*:*:*:*:*:*:*:* | 3.13.1 (including) | |
| cpe:2.3:a:hp:linux_imaging_and_printing_project:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:2.7.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.4b:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.9.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:hp:linux_imaging_and_printing_project:3.10.9:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://sourceforge.net/projects/hplip/files/hplip/3.13.2/hplip-3.13.2.tar.gz/download
- https://bugs.launchpad.net/hplip/+bug/1016507/comments/1
- https://bugs.launchpad.net/hplip/+bug/1016507/comments/6
- https://bugzilla.redhat.com/show_bug.cgi?id=894283
- http://sourceforge.net/projects/hplip/files/hplip/3.13.2/hplip-3.13.2.tar.gz/download
- https://bugs.launchpad.net/hplip/+bug/1016507/comments/1
- https://bugs.launchpad.net/hplip/+bug/1016507/comments/6
- https://bugzilla.redhat.com/show_bug.cgi?id=894283