Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-5221

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

Published

2013-04-29T21:55:00.997

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	hp	color_laserjet_3000	q7534a	Yes
Hardware	hp	color_laserjet_3800	q5981a	Yes
Hardware	hp	color_laserjet_4700	q7492a	Yes
Hardware	hp	color_laserjet_4730_mfp	cb480a	Yes
Hardware	hp	color_laserjet_5550	q3714a	Yes
Hardware	hp	color_laserjet_9500_mfp	c8549a	Yes
Hardware	hp	color_laserjet_cm6030_mfp	ce664a	Yes
Hardware	hp	color_laserjet_cm6040_mfp	q3939a	Yes
Hardware	hp	color_laserjet_cp3505	cb442a	Yes
Hardware	hp	color_laserjet_cp3525	cc469a	Yes
Hardware	hp	color_laserjet_cp4005	cb503a	Yes
Hardware	hp	color_laserjet_cp6015	q3932a	Yes
Hardware	hp	color_laserjet_enterprise_cp4025	cc490a	Yes
Hardware	hp	color_laserjet_enterprise_cp4525	cc493a	Yes
Hardware	hp	digital_sender_9250c	cb472a	Yes
Hardware	hp	laserjet_4240	q7785a	Yes
Hardware	hp	laserjet_4250	q5400a	Yes
Hardware	hp	laserjet_4345_mfp	q3942a	Yes
Hardware	hp	laserjet_4350	q5407a	Yes
Hardware	hp	laserjet_5200l	q7543a	Yes
Hardware	hp	laserjet_5200n	q7543a	Yes
Hardware	hp	laserjet_9040	q7697a	Yes
Hardware	hp	laserjet_9040_mfp	q3721a	Yes
Hardware	hp	laserjet_9050	q7697a	Yes
Hardware	hp	laserjet_9050_mfp	q3721a	Yes
Hardware	hp	laserjet_enterprise_p3015	ce526a	Yes
Hardware	hp	laserjet_m3027_mfp	cb416a	Yes
Hardware	hp	laserjet_m3035_mfp	cb414a	Yes
Hardware	hp	laserjet_m3035_mfp	cc519a	Yes
Hardware	hp	laserjet_m4345_mfp	cb425a	Yes
Hardware	hp	laserjet_m5025_mfp	q7840a	Yes
Hardware	hp	laserjet_m5035_mfp	q7829a	Yes
Hardware	hp	laserjet_m9040_mpf	cc394a	Yes
Hardware	hp	laserjet_m9050_mpf	cc395a	Yes
Hardware	hp	laserjet_p3005	q7812a	Yes
Hardware	hp	laserjet_p4014	cb507a	Yes
Hardware	hp	laserjet_p4015	cb509a	Yes
Hardware	hp	laserjet_p4515	cb514a	Yes

References

http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023 ([email protected])
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 Vendor Advisory ([email protected])
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 Vendor Advisory ([email protected])
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023 (af854a3a-2127-422b-91ae-364da2661108)
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)