CVE-2008-2940

high

HPE

CVSS v3 Base Score

7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

0.0%

Exploitation probability in 30 days

Top 87% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: August 14, 2008 (6481 days ago)

Last Modified: April 23, 2026

Vendor: HPE

Source: NVD

Description

The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.

CWE

CWE-264

Affected Products

hp linux imaging and printing project

References

🔗 lists.opensuse.org 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com 🔗 secunia.com

CVE-2008-2940

Vulnerability Report

Description

CWE

Affected Products

References