Buffer Overflow, Disclosure of Information
Source: HP, HP Product Security Response Team (PSRT)
Reported By: XiaoyuHe@VARAS
A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
VULNERABILITY SUMMARY
note:All product versions are impacted prior to the firmware versions listed.
Reference
|
Base Vector
|
Base Score
|
CVE-2019-6337
|
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
|
3.5 (Low)
|
CVE-2019-10627
|
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
5.3 (Medium)
|
CVE-2019-16240
|
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
5.3 (Medium)
|
Product Name
|
Model Number
|
Firmware Revision
|
HP OfficeJet Pro 8210 Printer series
|
D9L63A - D9L64A
T0G70A
J3P65A - J3P68A
|
001.1937C or later
|
HP PageWide 352dw Printer
|
J6U57A - J6U57B
|
001.1937D or later
|
HP PageWide 377dw Multifunction Printer
|
J9V80A
J9V80B
|
001.1937D or later
|
HP PageWide Managed P55250dw Printer series
|
J6U55A - J6U55D
J6U51B
|
001.1937D or later
|
HP PageWide Managed P57750dw Multifunction Printer series
HP PageWide Managed P52750dw Multifunction Printer
|
J9V82A - J9V82D
J9V78B
|
001.1937D or later
|
HP PageWide Pro 452dn Printer series
|
D3Q15A
D3Q15B
D3Q15D
|
001.1937D or later
|
HP PageWide Pro 452dw Printer series
|
D3Q16A - D3Q16D
W2Z52B
|
001.1937D or later
|
HP PageWide Pro 477dn Multifunction Printer series
|
D3Q19A
D3Q19B
D3Q19D
|
001.1937D or later
|
HP PageWide Pro 477dw Multifunction Printer series
|
D3Q20A
D3Q20B
D3Q20C
D3Q20D
W2Z53B
|
001.1937D or later
|
HP PageWide Pro 552dw Printer series
|
2DR21D
D3Q17A - D3Q17D
K9Z74A - K9Z74D
|
001.1937D or later
|
HP PageWide Pro 577dw Multifunction Printer series
|
D3Q21A
D3Q21B
D3Q21C
D3Q21D
|
001.1937D or later
|
HP PageWide Pro 577z Multifunction Printer series
|
K9Z76A
K9Z76B
K9Z76D
|
001.1937D or later
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|