CVE-2002-1796

Published: Dec 31, 2002Modified: Apr 16, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.

Affected (1)

Products: Hp: Chaivm Ezloader

1 product

Chaivm Ezloader

Configuration A

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Hp Chaivm Ezloader	All versions

Running on/with	Platform Versions
Hp Laserjet 4100	All versions
Hp Laserjet 4500	All versions
Hp Laserjet 4550	All versions
Hp Laserjet 8150	All versions

Related CWEs

CWE-347

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (10)

http://online.securityfocus.com/advisories/4317

Source: cve@mitre.org

Broken LinkPatchThird Party AdvisoryVDB EntryVendor Advisory

http://www.iss.net/security_center/static/9695.php

Source: cve@mitre.org

Broken Link

http://www.phenoelit.de/stuff/HP_Chai.txt

Source: cve@mitre.org

Broken LinkVendor Advisory

http://www.securityfocus.com/archive/1/284648

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/5334

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://online.securityfocus.com/advisories/4317