CVE-2010-4267
hplip - buffer overflow
EPSS 10.7%
Description
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SNMP response with a large length value.
How to fix CVE-2010-4267
To remediate CVE-2010-4267, upgrade the affected package to a fixed version below.
- Debian/hplip—upgrade to 3.10.6-2 or later
- Debian/hplip—upgrade to 2.8.6.b-4+lenny1 or later
Is CVE-2010-4267 being exploited?
Moderate — EPSS is 10.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 3.10.6-2
- from 0, < 2.8.6.b-4+lenny1