cvelistv5 - CVE-2010-3920

CVE-2010-3920 (GCVE-0-2010-3920)

Vulnerability from cvelistv5 – Published: 2010-12-08 19:00 – Updated: 2024-08-07 03:26

Summary

Severity ?

No CVSS data available.

CWE

Assigner

jpcert

References

URL

Tags

	http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-0…	third-party-advisoryx_refsource_JVNDB
	http://jvn.jp/en/jp/JVN62736872/index.html	third-party-advisoryx_refsource_JVN
	http://secunia.com/advisories/42540	third-party-advisoryx_refsource_SECUNIA
	http://www.epson.jp/support/misc/lps7100_9000/index.htm	x_refsource_CONFIRM
	http://osvdb.org/69678	vdb-entryx_refsource_OSVDB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVNDB-2010-000059",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
          },
          {
            "name": "JVN#62736872",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
          },
          {
            "name": "42540",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42540"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
          },
          {
            "name": "69678",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/69678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-12-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-12-18T10:00:00",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "JVNDB-2010-000059",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
        },
        {
          "name": "JVN#62736872",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
        },
        {
          "name": "42540",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42540"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
        },
        {
          "name": "69678",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/69678"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2010-3920",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2010-000059",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
            },
            {
              "name": "JVN#62736872",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
            },
            {
              "name": "42540",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42540"
            },
            {
              "name": "http://www.epson.jp/support/misc/lps7100_9000/index.htm",
              "refsource": "CONFIRM",
              "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
            },
            {
              "name": "69678",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/69678"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2010-3920",
    "datePublished": "2010-12-08T19:00:00",
    "dateReserved": "2010-10-12T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5741D0D8-8F00-4E38-8798-A39D5467C4C9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4620B936-4901-40AC-B6CC-F73C49958FEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29B69116-7F42-4BF5-A580-1B26EB83ACF0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4E6E2CE-BDC3-447E-82CD-F4AC3FDDA99D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1671F4CB-0843-4791-B746-E29AE0A63BFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D90FCB26-B2A7-4043-88F9-78ADC5F8E5F8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \\\"C:\\\\Program Files\\\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.\"}, {\"lang\": \"es\", \"value\": \"El instalador de drivers de impresora Seiko Epson para LP-S9000 anterior a v4.1.11 y LP-S7100 anterior a v4.1.7, o los descargados del proveedor entre mayo de 2010 y el 25 del noviembre de 2010, modifica los permisos de acceso de la carpeta \\\"C:\\\\Program Files\\\" (C:\\\\Archivos de programa) lo cual puede permitir a los usuarios locales evitar las restricciones de acceso y crear o modificar archivos y direcctorios a su elecci\\u00f3n.\"}]",
      "id": "CVE-2010-3920",
      "lastModified": "2024-11-21T01:19:54.250",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-12-08T20:00:01.713",
      "references": "[{\"url\": \"http://jvn.jp/en/jp/JVN62736872/index.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://osvdb.org/69678\", \"source\": \"vultures@jpcert.or.jp\"}, {\"url\": \"http://secunia.com/advisories/42540\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.epson.jp/support/misc/lps7100_9000/index.htm\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://jvn.jp/en/jp/JVN62736872/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/69678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42540\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.epson.jp/support/misc/lps7100_9000/index.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "vultures@jpcert.or.jp",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-3920\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2010-12-08T20:00:01.713\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \\\"C:\\\\Program Files\\\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.\"},{\"lang\":\"es\",\"value\":\"El instalador de drivers de impresora Seiko Epson para LP-S9000 anterior a v4.1.11 y LP-S7100 anterior a v4.1.7, o los descargados del proveedor entre mayo de 2010 y el 25 del noviembre de 2010, modifica los permisos de acceso de la carpeta \\\"C:\\\\Program Files\\\" (C:\\\\Archivos de programa) lo cual puede permitir a los usuarios locales evitar las restricciones de acceso y crear o modificar archivos y direcctorios a su elecci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5741D0D8-8F00-4E38-8798-A39D5467C4C9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4620B936-4901-40AC-B6CC-F73C49958FEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B69116-7F42-4BF5-A580-1B26EB83ACF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E6E2CE-BDC3-447E-82CD-F4AC3FDDA99D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1671F4CB-0843-4791-B746-E29AE0A63BFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D90FCB26-B2A7-4043-88F9-78ADC5F8E5F8\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN62736872/index.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://osvdb.org/69678\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://secunia.com/advisories/42540\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.epson.jp/support/misc/lps7100_9000/index.htm\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN62736872/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/69678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.epson.jp/support/misc/lps7100_9000/index.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2010-3920

Vulnerability from fkie_nvd - Published: 2010-12-08 20:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN62736872/index.html
vultures@jpcert.or.jp	http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html
vultures@jpcert.or.jp	http://osvdb.org/69678
vultures@jpcert.or.jp	http://secunia.com/advisories/42540	Vendor Advisory
vultures@jpcert.or.jp	http://www.epson.jp/support/misc/lps7100_9000/index.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN62736872/index.html
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/69678
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42540	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.epson.jp/support/misc/lps7100_9000/index.htm	Vendor Advisory

Impacted products

Vendor	Product	Version
epson	lp-s7100	*
epson	lp-s7100_driver_4.1.0	*
epson	lp-s7100_driver_4.1.7	*
epson	lp-s9000	*
epson	lp-s9000_driver_4.1.0	*
epson	lp-s9000_driver_4.1.11	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5741D0D8-8F00-4E38-8798-A39D5467C4C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4620B936-4901-40AC-B6CC-F73C49958FEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B69116-7F42-4BF5-A580-1B26EB83ACF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4E6E2CE-BDC3-447E-82CD-F4AC3FDDA99D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1671F4CB-0843-4791-B746-E29AE0A63BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D90FCB26-B2A7-4043-88F9-78ADC5F8E5F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories."
    },
    {
      "lang": "es",
      "value": "El instalador de drivers de impresora Seiko Epson para LP-S9000 anterior a v4.1.11 y LP-S7100 anterior a v4.1.7, o los descargados del proveedor entre mayo de 2010 y el 25 del noviembre de 2010, modifica los permisos de acceso de la carpeta \"C:\\Program Files\" (C:\\Archivos de programa) lo cual puede permitir a los usuarios locales evitar las restricciones de acceso y crear o modificar archivos y direcctorios a su elecci\u00f3n."
    }
  ],
  "id": "CVE-2010-3920",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-12-08T20:00:01.713",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://osvdb.org/69678"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42540"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/69678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-4MG2-5H8V-XQ4J

Vulnerability from github – Published: 2022-05-17 05:42 – Updated: 2022-05-17 05:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-3920"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-12-08T20:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.",
  "id": "GHSA-4mg2-5h8v-xq4j",
  "modified": "2022-05-17T05:42:57Z",
  "published": "2022-05-17T05:42:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3920"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/69678"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42540"
    },
    {
      "type": "WEB",
      "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

JVNDB-2010-000059

Vulnerability from jvndb - Published: 2010-12-08 18:25 - Updated:2010-12-08 18:25

Severity ?

() - -

Summary

Vulnerability in Epson printer driver installer where access permissions are changed

Details

A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed. When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files (C:\Program Files) are changed. As a result, users that do not have permission to access that folder can gain access to that folder. According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability. Also, users of Windows Vista and later operating systems are not affected.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN62736872/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3920
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3920
	SECUNIA	http://secunia.com/advisories/42540
	OSVDB	http://osvdb.org/69678
	No Mapping(CWE-DesignError)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	SEIKO EPSON CORPORATION	Driver for LP-S7100
	SEIKO EPSON CORPORATION	Driver for LP-S9000

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000059.html",
  "dc:date": "2010-12-08T18:25+09:00",
  "dcterms:issued": "2010-12-08T18:25+09:00",
  "dcterms:modified": "2010-12-08T18:25+09:00",
  "description": "A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed.\r\n\r\nWhen printer drivers provided by Epson are installed, the access permissions for the folder that contains program files (C:\\Program Files) are changed. As a result, users that do not have permission to access that folder can gain access to that folder.\r\n\r\nAccording to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability.\r\nAlso, users of Windows Vista and later operating systems are not affected.",
  "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000059.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:epson:lp-s7100",
      "@product": "Driver for LP-S7100",
      "@vendor": "SEIKO EPSON CORPORATION",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:epson:lp-s9000",
      "@product": "Driver for LP-S9000",
      "@vendor": "SEIKO EPSON CORPORATION",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "2.1",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2010-000059",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN62736872/index.html",
      "@id": "JVN#62736872",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3920",
      "@id": "CVE-2010-3920",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3920",
      "@id": "CVE-2010-3920",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/42540",
      "@id": "SA42540",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://osvdb.org/69678",
      "@id": "69678",
      "@source": "OSVDB"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-DesignError",
      "@title": "No Mapping(CWE-DesignError)"
    }
  ],
  "title": "Vulnerability in Epson printer driver installer where access permissions are changed"
}

GSD-2010-3920

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-3920

Aliases

CVE-2010-3920

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-3920",
    "description": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.",
    "id": "GSD-2010-3920"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-3920"
      ],
      "details": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.",
      "id": "GSD-2010-3920",
      "modified": "2023-12-13T01:21:34.252776Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2010-3920",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "JVNDB-2010-000059",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
          },
          {
            "name": "JVN#62736872",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
          },
          {
            "name": "42540",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42540"
          },
          {
            "name": "http://www.epson.jp/support/misc/lps7100_9000/index.htm",
            "refsource": "CONFIRM",
            "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
          },
          {
            "name": "69678",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/69678"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2010-3920"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#62736872",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN62736872/index.html"
            },
            {
              "name": "42540",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/42540"
            },
            {
              "name": "http://www.epson.jp/support/misc/lps7100_9000/index.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
            },
            {
              "name": "JVNDB-2010-000059",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html"
            },
            {
              "name": "69678",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/69678"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-11T03:48Z",
      "publishedDate": "2010-12-08T20:00Z"
    }
  }
}

VAR-201012-0350

Vulnerability from variot - Updated: 2023-12-18 12:58

The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories. As a result, users that do not have permission to access that folder can gain access to that folder. According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability. Also, users of Windows Vista and later operating systems are not affected. The Epson LP-S7100 / LP-S9000 is a family of high performance printers. There is a problem with the Epson LP-S7100 / LP-S9000 driver installation, allowing local users to increase privileges. Because the default permissions for \"C:\Program Files\" and its subdirectories are not set correctly (\"Everyone\" group is fully controlled), local users can exploit the vulnerability to overwrite any file in these folders, resulting in elevation of privilege. Local attackers can exploit this issue to gain elevated privileges on affected devices. The following driver versions are vulnerable: LP-S7100 4.1.0fi through 4.1.7fi and 4.1.0hi through 4.1.7hi LP-S9000 4.1.0fc through 4.1.11fc and 4.1.0hc through 4.1.11hc. ----------------------------------------------------------------------

Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).

Request a free trial: http://secunia.com/products/corporate/vim/

TITLE: Epson LP-S7100 / LP-S9000 Drivers Insecure Default Permissions

SECUNIA ADVISORY ID: SA42540

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42540

RELEASE DATE: 2010-12-08

DISCUSS ADVISORY: http://secunia.com/advisories/42540/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/42540/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=42540

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A security issue has been reported in Epson LP-S7100 / LP-S9000 drivers, which can be exploited by malicious, local users to gain escalated privileges.

The security issue is reported in the following versions: * LP-S7100 32bit edition versions 4.1.0fi through 4.1.7fi * LP-S7100 64bit edition versions 4.1.0hi through 4.1.7hi * LP-S9000 32bit edition versions 4.1.0fc through 4.1.11fc * LP-S9000 64bit edition versions 4.1.0hc through 4.1.11hc

SOLUTION: Update to a patched version and reset permissions. Please see the vendor's advisory for more details.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.epson.jp/support/misc/lps7100_9000/index.htm

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201012-0350",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "lp-s9000 driver 4.1.11",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "epson",
        "version": "*"
      },
      {
        "model": "lp-s7100 driver 4.1.7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "epson",
        "version": "*"
      },
      {
        "model": "lp-s9000 driver 4.1.0",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "epson",
        "version": "*"
      },
      {
        "model": "lp-s7100 driver 4.1.0",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "epson",
        "version": "*"
      },
      {
        "model": "lp-s9000 4.1.0fc",
        "scope": null,
        "trust": 0.9,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.0hc",
        "scope": null,
        "trust": 0.9,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.11fc",
        "scope": null,
        "trust": 0.9,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.11hc",
        "scope": null,
        "trust": 0.9,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "driver for lp-s7100",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "seiko epson",
        "version": "prior to ver4.1.11 (32-bit and 64-bit)"
      },
      {
        "model": "driver for lp-s9000",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "seiko epson",
        "version": "prior to ver4.1.7 (32-bit and 64-bit)"
      },
      {
        "model": "lp-s9000 4.1.0fi",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.0hi",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.7fi",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000 4.1.7hi",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s9000",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s7100",
        "scope": null,
        "trust": 0.6,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s7100 4.1.7hi",
        "scope": null,
        "trust": 0.3,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s7100 4.1.7fi",
        "scope": null,
        "trust": 0.3,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s7100 4.1.0hi",
        "scope": null,
        "trust": 0.3,
        "vendor": "epson",
        "version": null
      },
      {
        "model": "lp-s7100 4.1.0fi",
        "scope": null,
        "trust": 0.3,
        "vendor": "epson",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "45258"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-3920",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2010-000059",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-3920",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2010-000059",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201012-100",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories. As a result, users that do not have permission to access that folder can gain access to that folder. According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability. Also, users of Windows Vista and later operating systems are not affected. The Epson LP-S7100 / LP-S9000 is a family of high performance printers. There is a problem with the Epson LP-S7100 / LP-S9000 driver installation, allowing local users to increase privileges. Because the default permissions for \\\"C:\\\\Program Files\\\" and its subdirectories are not set correctly (\\\"Everyone\\\" group is fully controlled), local users can exploit the vulnerability to overwrite any file in these folders, resulting in elevation of privilege. \nLocal attackers can exploit this issue to gain elevated privileges on affected devices. \nThe following driver versions are vulnerable:\nLP-S7100 4.1.0fi through 4.1.7fi and 4.1.0hi through 4.1.7hi\nLP-S9000 4.1.0fc through 4.1.11fc and 4.1.0hc through 4.1.11hc. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nEpson LP-S7100 / LP-S9000 Drivers Insecure Default Permissions\n\nSECUNIA ADVISORY ID:\nSA42540\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42540/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540\n\nRELEASE DATE:\n2010-12-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42540/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42540/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Epson LP-S7100 / LP-S9000\ndrivers, which can be exploited by malicious, local users to gain\nescalated privileges. \n\nThe security issue is reported in the following versions:\n* LP-S7100 32bit edition versions 4.1.0fi through 4.1.7fi\n* LP-S7100 64bit edition versions 4.1.0hi through 4.1.7hi\n* LP-S9000 32bit edition versions 4.1.0fc through 4.1.11fc\n* LP-S9000 64bit edition versions 4.1.0hc through 4.1.11hc\n\nSOLUTION:\nUpdate to a patched version and reset permissions. Please see the\nvendor\u0027s advisory for more details. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.epson.jp/support/misc/lps7100_9000/index.htm\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "PACKETSTORM",
        "id": "96501"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-3920",
        "trust": 3.3
      },
      {
        "db": "SECUNIA",
        "id": "42540",
        "trust": 3.1
      },
      {
        "db": "JVN",
        "id": "JVN62736872",
        "trust": 2.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059",
        "trust": 2.4
      },
      {
        "db": "OSVDB",
        "id": "69678",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107",
        "trust": 0.6
      },
      {
        "db": "JVN",
        "id": "JVN#62736872",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "45258",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "96501",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "PACKETSTORM",
        "id": "96501"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "id": "VAR-201012-0350",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      }
    ],
    "trust": 1.2666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:58:26.122000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "To the users of LP-S7100/LP-S9000",
        "trust": 0.8,
        "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
      },
      {
        "title": "Epson LP-S7100 / LP-S9000 Unsafe Directory Permissions Elevation of Privilege Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/1998"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-DesignError",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://jvn.jp/en/jp/jvn62736872/index.html"
      },
      {
        "trust": 2.4,
        "url": "http://secunia.com/advisories/42540"
      },
      {
        "trust": 2.0,
        "url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
      },
      {
        "trust": 1.8,
        "url": "http://osvdb.org/69678"
      },
      {
        "trust": 1.6,
        "url": "http://jvndb.jvn.jp/ja/contents/2010/jvndb-2010-000059.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3920"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3920"
      },
      {
        "trust": 0.7,
        "url": "http://secunia.com/advisories/42540/"
      },
      {
        "trust": 0.3,
        "url": "http://www.epson.jp/products/offirio/printer/lps7100/"
      },
      {
        "trust": 0.3,
        "url": "http://www.epson.jp/products/offirio/printer/lps9000/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/42540/#comments"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "PACKETSTORM",
        "id": "96501"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "db": "PACKETSTORM",
        "id": "96501"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-12-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "date": "2010-12-08T00:00:00",
        "db": "BID",
        "id": "45258"
      },
      {
        "date": "2010-12-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "date": "2010-12-08T05:23:36",
        "db": "PACKETSTORM",
        "id": "96501"
      },
      {
        "date": "2010-12-08T20:00:01.713000",
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "date": "2010-12-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-12-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-3107"
      },
      {
        "date": "2010-12-08T00:00:00",
        "db": "BID",
        "id": "45258"
      },
      {
        "date": "2010-12-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      },
      {
        "date": "2011-03-11T03:48:31.097000",
        "db": "NVD",
        "id": "CVE-2010-3920"
      },
      {
        "date": "2010-12-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "45258"
      },
      {
        "db": "PACKETSTORM",
        "id": "96501"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in Epson printer driver installer where access permissions are changed",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-000059"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201012-100"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-3920 (GCVE-0-2010-3920)

FKIE_CVE-2010-3920

GHSA-4MG2-5H8V-XQ4J

JVNDB-2010-000059

GSD-2010-3920

VAR-201012-0350

Tags

Sightings

Nomenclature