CVE-2012-5221

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742	Vendor Advisory
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:hp:color_laserjet_9500_mfp:c8549a:::::::*
	cpe:2.3:h:hp:color_laserjet_cm6030_mfp:ce664a:::::::*
	cpe:2.3:h:hp:laserjet_4240:q7785a:::::::*
	cpe:2.3:h:hp:laserjet_4250:q5400a:::::::*
	cpe:2.3:h:hp:laserjet_9050:q7697a:::::::*
	cpe:2.3:h:hp:laserjet_9050_mfp:q3721a:::::::*
	cpe:2.3:h:hp:laserjet_m5035_mfp:q7829a:::::::*
	cpe:2.3:h:hp:laserjet_m9040_mpf:cc394a:::::::*
	cpe:2.3:h:hp:color_laserjet_4730_mfp:cb480a:::::::*
	cpe:2.3:h:hp:color_laserjet_5550:q3714a:::::::*
	cpe:2.3:h:hp:color_laserjet_enterprise_cp4025:cc490a:::::::*
	cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:cc493a:::::::*
	cpe:2.3:h:hp:laserjet_4345_mfp:q3942a:::::::*
	cpe:2.3:h:hp:laserjet_9040:q7697a:::::::*
	cpe:2.3:h:hp:color_laserjet_cp3525:cc469a:::::::*
	cpe:2.3:h:hp:color_laserjet_cp4005:cb503a:::::::*
	cpe:2.3:h:hp:color_laserjet_cp3505:cb442a:::::::*
	cpe:2.3:h:hp:laserjet_p3005:q7812a:::::::*
	cpe:2.3:h:hp:laserjet_m5025_mfp:q7840a:::::::*
	cpe:2.3:h:hp:color_laserjet_cp6015:q3932a:::::::*
	cpe:2.3:h:hp:laserjet_m4345_mfp:cb425a:::::::*
	cpe:2.3:h:hp:laserjet_m3027_mfp:cb416a:::::::*
	cpe:2.3:h:hp:laserjet_4350:q5407a:::::::*
	cpe:2.3:h:hp:laserjet_5200l:q7543a:::::::*
	cpe:2.3:h:hp:color_laserjet_cm6040_mfp:q3939a:::::::*
	cpe:2.3:h:hp:laserjet_enterprise_p3015:ce526a:::::::*
	cpe:2.3:h:hp:laserjet_9040_mfp:q3721a:::::::*
	cpe:2.3:h:hp:color_laserjet_4700:q7492a:::::::*
	cpe:2.3:h:hp:digital_sender_9250c:cb472a:::::::*
	cpe:2.3:h:hp:laserjet_p4014:cb507a:::::::*
	cpe:2.3:h:hp:color_laserjet_3800:q5981a:::::::*
	cpe:2.3:h:hp:laserjet_m9050_mpf:cc395a:::::::*
	cpe:2.3:h:hp:color_laserjet_3000:q7534a:::::::*
	cpe:2.3:h:hp:laserjet_p4015:cb509a:::::::*
	cpe:2.3:h:hp:laserjet_m3035_mfp:cc519a:::::::*
	cpe:2.3:h:hp:laserjet_5200n:q7543a:::::::*
	cpe:2.3:h:hp:laserjet_p4515:cb514a:::::::*
	cpe:2.3:h:hp:laserjet_m3035_mfp:cb414a:::::::*

Information

Published : 2013-04-29 14:55

Updated : 2013-12-30 20:19

NVD link : CVE-2012-5221

Mitre link : CVE-2012-5221

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

laserjet_5200n
laserjet_m9050_mpf
color_laserjet_enterprise_cp4025
laserjet_9050_mfp
laserjet_9050
laserjet_4345_mfp
laserjet_m3035_mfp
laserjet_4250
color_laserjet_cp6015
laserjet_4350
color_laserjet_4700
laserjet_4240
color_laserjet_cp3525
laserjet_p3005
laserjet_m4345_mfp
laserjet_p4515
laserjet_9040
laserjet_m5025_mfp
laserjet_m9040_mpf
laserjet_m3027_mfp
color_laserjet_enterprise_cp4525
laserjet_p4015
color_laserjet_9500_mfp
laserjet_p4014
color_laserjet_5550
digital_sender_9250c
color_laserjet_3800
laserjet_9040_mfp
color_laserjet_cm6030_mfp
color_laserjet_cp3505
laserjet_m5035_mfp
color_laserjet_4730_mfp
color_laserjet_cp4005
laserjet_5200l
laserjet_enterprise_p3015
color_laserjet_3000
color_laserjet_cm6040_mfp

5.0 /10