CVE-2007-0161
4.1
Vector
AV:L/AC:M/Au:S/C:P/I:P/A:P
Exploitability: 2.7 / Impact: 6.4
Source: NVD
Description
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
Affected (21)
Products: Hp: Pml Driver Hpz12, Color Laserjet 4650, Officejet 4100, Officejet 5100, Officejet 5500, Officejet 6100, Officejet 7100, Officejet D, Officejet G, Officejet K, Psc 1100, Psc 1200, Psc 1210 All In One, Psc 1300, Psc 2100, Psc 2200, Psc 2400 Photosmart All In One, Psc 2500 Photosmart All In One, Psc 2510 Photosmart, Psc 700, Psc 900
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions | |
| All versions |
References (16)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.