- Description
- The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:plus_technologies:lpplus:3.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49A54053-DF3A-47E1-AB8A-5BA32BA6AB10"
},
{
"criteria": "cpe:2.3:a:plus_technologies:lpplus:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C66BF777-D87A-4C19-AC77-49A90C43DCC7"
}
],
"operator": "OR"
}
]
}
]