← Back

CVE-2010-3920

nvd nist
Published: Dec 8, 2010Modified: Apr 29, 2026

JSON object

Loading...
4.6
Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 3.9 / Impact: 6.4
Source: NVD

Description

The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.

Affected (4)

Epson
4 products
Lp S7100 Driver 4.1.0
Lp S7100 Driver 4.1.7
Lp S9000 Driver 4.1.0
Lp S9000 Driver 4.1.11
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Lp S7100 Driver 4.1.0
All versions
Lp S7100 Driver 4.1.7
All versions
Running on/withPlatform Versions
Epson
Lp S7100
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Lp S9000 Driver 4.1.0
All versions
Lp S9000 Driver 4.1.11
All versions
Running on/withPlatform Versions
Epson
Lp S9000
All versions

Related CWEs

CWE-264
CWE-264

References (10)

Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.