CVE-2007-5208

EPSS 74.2%

hplip - arbitrary command execution

Published: 10/13/2007Modified: 4/28/2026

Description

hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.

Affected packages (3)

Debian/hplipfrom 0, < 1.6.10-4.3
Debian/hplipfrom 0, < 1.6.10-3etch1
Debian/hplipfrom 0, < 1.6.10-4.2+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-5208