CVE-2007-5208

Publication date 13 October 2007

Last updated 24 July 2024

Ubuntu priority

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
hplip	7.10 gutsy	Fixed 2.7.7.dfsg.1-0ubuntu5
	7.04 feisty	Fixed 1.7.3-0ubuntu1.1
	6.10 edgy	Fixed 1.6.9-0ubuntu2.1
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

Notes

kees

ran as a non-root user prior to Gutsy.

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-530-1
hplip vulnerability
12 October 2007

Other references

https://www.cve.org/CVERecord?id=CVE-2007-5208