CVE-2013-0200
hplip - several
EPSS 0.08%
Description
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722.
How to fix CVE-2013-0200
To remediate CVE-2013-0200, upgrade the affected package to one of the fixed versions listed below.
- Debian/hplip: upgrade to 3.12.6-3.1 or later
- Debian/hplip: upgrade to 3.10.6-2+squeeze2 or later
Is CVE-2013-0200 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- Debian/hplip: from 0, < 3.12.6-3.1
- Debian/hplip: from 0, < 3.10.6-2+squeeze2