Page 2 of 8 results (0.002 seconds)

CVSS: 4.1EPSS: 0%CPEs: 21EXPL: 2

The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023. El controlador PML HPZ12 (HPZipm12.exe) en los controladores todo en uno de HP, usado en múltiples productos HP, utiliza permisos no seguros SERVICE_CHANGE_CONFIG DACL, lo cual permite a un usuario local ganar privilegios y ejecutar programas de su elección, como se demostró con la modificación del argumento binpath, un asunto relacionado con CVE-2006-0023. • https://www.exploit-db.com/exploits/29403 http://osvdb.org/32654 http://secunia.com/advisories/23663 http://securityreason.com/securityalert/2128 http://secway.org/advisory/AD20070108.txt http://www.securityfocus.com/archive/1/456259/100/0/threaded http://www.securityfocus.com/bid/21935 http://www.vupen.com/english/advisories/2007/0094 https://exchange.xforce.ibmcloud.com/vulnerabilities/31361 •

CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0

The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBPI01085 http://securitytracker.com/id?1011671 http://www.securityfocus.com/bid/11297 https://exchange.xforce.ibmcloud.com/vulnerabilities/17634 •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services. • http://online.securityfocus.com/advisories/4317 http://www.iss.net/security_center/static/9695.php http://www.phenoelit.de/stuff/HP_Chai.txt http://www.securityfocus.com/archive/1/284648 http://www.securityfocus.com/bid/5334 • CWE-347: Improper Verification of Cryptographic Signature •