CVE-2019-14300

Published: Aug 26, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Several Ricoh printers have multiple buffer overflows parsing HTTP cookie headers, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.

Affected (4)

Products: Ricoh: Sp C250sf Firmware, Sp C252sf Firmware, Sp C250dn Firmware, Sp C252dn Firmware

4 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh Sp C250sf Firmware	Before 1.13

Running on/with	Platform Versions
Ricoh Sp C250sf	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh Sp C252sf Firmware	Before 1.13

Running on/with	Platform Versions
Ricoh Sp C252sf	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh Sp C250dn Firmware	Before 1.07

Running on/with	Platform Versions
Ricoh Sp C250dn	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ricoh Sp C252dn Firmware	Before 1.07

Running on/with	Platform Versions
Ricoh Sp C252dn	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://jvn.jp/en/jp/JVN11708203/index.html

Source: cve@mitre.org

https://www.ricoh-usa.com/en/support-and-download

Source: cve@mitre.org

Product

https://www.ricoh.com/info/2019/0823_1/

Source: cve@mitre.org

Vendor Advisory

http://jvn.jp/en/jp/JVN11708203/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.ricoh-usa.com/en/support-and-download

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://www.ricoh.com/info/2019/0823_1/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.