All the vulnerabilites related to hp - color_laserjet_cm6040_mfp
cve-2012-5221
Vulnerability from cvelistv5
Published
2013-04-29 21:00
Modified
2024-08-06 20:58
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 | vendor-advisory, x_refsource_HP | |
| https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 | vendor-advisory, x_refsource_HP | |
| http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBPI02869",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "SSRT100936",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-23T21:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBPI02869",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "SSRT100936",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2012-5221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBPI02869",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "SSRT100936",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2012-5221",
"datePublished": "2013-04-29T21:00:00",
"dateReserved": "2012-10-01T00:00:00",
"dateUpdated": "2024-08-06T20:58:03.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-04-29 21:55
Modified
2024-11-21 01:44
Severity ?
Summary
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:color_laserjet_3000:q7534a:*:*:*:*:*:*:*",
"matchCriteriaId": "5F29EB4F-23B6-4875-8205-082A2691C652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_3800:q5981a:*:*:*:*:*:*:*",
"matchCriteriaId": "84F21488-DCD7-48B9-A8A3-9631B59DB078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4700:q7492a:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7F42C9-3C34-4631-949F-CF663D263367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:cb480a:*:*:*:*:*:*:*",
"matchCriteriaId": "ED28FCCA-8127-4240-97BC-CBB075B0ABC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_5550:q3714a:*:*:*:*:*:*:*",
"matchCriteriaId": "84B6EFDF-C99F-425C-A90A-2D3E7FF0DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:c8549a:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE0FF2-987B-4649-BB62-7C8264411A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cm6030_mfp:ce664a:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA57C0C-3BDB-4142-A6BC-091BDA7DFBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cm6040_mfp:q3939a:*:*:*:*:*:*:*",
"matchCriteriaId": "F898C744-5304-4A09-AA2B-FB0807EB0E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp3505:cb442a:*:*:*:*:*:*:*",
"matchCriteriaId": "92C41C33-22A8-40D1-AEE0-30F1AE68ECE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp3525:cc469a:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6F8A9C-3CB7-4ED7-A429-B38756C38DF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp4005:cb503a:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C45B9-754F-48F4-9AAB-89F6EAA75DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_cp6015:q3932a:*:*:*:*:*:*:*",
"matchCriteriaId": "E6401654-D769-4EF0-87BF-75AE3E1B2AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4025:cc490a:*:*:*:*:*:*:*",
"matchCriteriaId": "891EEE00-61A5-4FD5-8EBB-B35B077C8BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:cc493a:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F925A9-96FE-4F0D-ADA6-DB7A9690A0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:digital_sender_9250c:cb472a:*:*:*:*:*:*:*",
"matchCriteriaId": "EAF4BAA8-430F-4448-A454-64FC333E5904",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4240:q7785a:*:*:*:*:*:*:*",
"matchCriteriaId": "768B6070-68EB-4748-A4D2-7C99FD7A5669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4250:q5400a:*:*:*:*:*:*:*",
"matchCriteriaId": "86E90120-D1E4-4569-BCF4-6E2AE0AB04DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:q3942a:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF59890-654A-4AEE-BF52-93E7AA796046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_4350:q5407a:*:*:*:*:*:*:*",
"matchCriteriaId": "7F596D16-490E-4950-8A9B-5241906ED5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200l:q7543a:*:*:*:*:*:*:*",
"matchCriteriaId": "D60111B2-DAC6-4FB1-9921-B6550CAAD4C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_5200n:q7543a:*:*:*:*:*:*:*",
"matchCriteriaId": "82F8D5DE-1D66-4F1E-B273-233814F0CC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040:q7697a:*:*:*:*:*:*:*",
"matchCriteriaId": "D40FF37E-F95A-429D-BC5B-F48D7C47C88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9040_mfp:q3721a:*:*:*:*:*:*:*",
"matchCriteriaId": "162B0C2C-8C9C-467D-A309-8DDA7CE72B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050:q7697a:*:*:*:*:*:*:*",
"matchCriteriaId": "660788B3-D2B6-4118-B443-9DE177FBE156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:q3721a:*:*:*:*:*:*:*",
"matchCriteriaId": "69E39058-9565-4C1B-BB71-553ECB274216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_enterprise_p3015:ce526a:*:*:*:*:*:*:*",
"matchCriteriaId": "33ABE7DA-88CD-468B-9285-FE1509BA7D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:cb416a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3A0981-F09D-47B4-B441-3497291A9413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:cb414a:*:*:*:*:*:*:*",
"matchCriteriaId": "008B528D-EBA7-4CC5-8E2F-F68D78222E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:cc519a:*:*:*:*:*:*:*",
"matchCriteriaId": "AA629824-72AF-40A5-8427-F5AFDE3AEBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:cb425a:*:*:*:*:*:*:*",
"matchCriteriaId": "D94328FB-B382-4231-8A4E-32C9AE7B8D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:q7840a:*:*:*:*:*:*:*",
"matchCriteriaId": "331317DD-0827-45B0-B2B9-A3713B3AA767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:q7829a:*:*:*:*:*:*:*",
"matchCriteriaId": "AC132570-AB09-41CE-A3CF-755C9791171F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m9040_mpf:cc394a:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB5A6D2-CFE3-4F7C-BD24-024D37836A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_m9050_mpf:cc395a:*:*:*:*:*:*:*",
"matchCriteriaId": "E82E7BE5-3B46-47C2-A560-7C11CD8B361A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p3005:q7812a:*:*:*:*:*:*:*",
"matchCriteriaId": "98B48314-2048-4856-80DA-EA08466EF53C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4014:cb507a:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5FE9B2-99DD-4A4F-8914-B1DC6EA3B6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4015:cb509a:*:*:*:*:*:*:*",
"matchCriteriaId": "F95EFE75-1428-4461-9062-56952EB96D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:laserjet_p4515:cb514a:*:*:*:*:*:*:*",
"matchCriteriaId": "EACC9283-F37A-426B-9AD9-05B2F8D6325D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005 y P4xxx; LaserJet Enterprise P3015; 3xxx Color LaserJet, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005 y CP6015, Color LaserJet Enterprise CP4xxx y digital Sender 9250c con firmware hasta la version v52.x permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-5221",
"lastModified": "2024-11-21T01:44:17.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-29T21:55:00.997",
"references": [
{
"source": "hp-security-alert@hp.com",
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}