CVE-2008-2940
EPSS 0.04%
Description
The alert-mailing implementation in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail messages from the root account via vectors related to the setalerts message, and lack of validation of the device URI associated with an event message.
How to fix CVE-2008-2940
To remediate CVE-2008-2940, upgrade the affected package to a fixed version below.
- Debian/hplip—upgrade to 2.8.6-1 or later
Is CVE-2008-2940 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.8.6-1