20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v.
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190426) may have an IPP Parser potentially vulnerable to Buffer Overflow.
Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A. The vulnerability could be exploited to allow cross-site scripting (XSS). Under certain circumstances, the printer produces a core dump to a local device.Ī potential security vulnerability has been identified with certain HP InkJet printers. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.įor the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. HP has identified a security vulnerability with the I.R.I.S.
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device. Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. **UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page.
0 kommentar(er)
