Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.1
CVSSv2

CVE-2007-0161

Published: 10/01/2007 Updated: 16/10/2018
CVSS v2 Base Score: 4.1 | Impact Score: 6.4 | Exploitability Score: 2.7
VMScore: 415
Vector: AV:L/AC:M/Au:S/C:P/I:P/A:P
Subscribe to Hp

Vulnerability Summary

The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.

Vulnerable Product Search on Vulmon Subscribe to Product

hp pml driver hpz12

hp color laserjet 4650

hp officejet k

hp psc 1100

hp psc 2500 photosmart all-in-one

hp psc 2510 photosmart

hp officejet 4100

hp officejet 5100

hp officejet 5500

hp psc 1200

hp psc 1210 all-in-one

hp psc 700

hp psc 900

hp officejet d

hp officejet g

hp psc 2200

hp psc 2400 photosmart all-in-one

hp officejet 6100

hp officejet 7100

hp psc 1300

hp psc 2100

Exploits

Exploit DB: HP (Multiple Products) - PML Driver HPZ12 Privilege Escalation
source: wwwsecurityfocuscom/bid/21935/info Multiple HP products are prone to a local privilege-escalation vulnerability An attacker can exploit this issue to gain SYSTEM-level privileges, completely compromising affected computers This issue affects HP products that use the 'PML Driver HPZ12' driver C:\sc config "pml driver hpz12" ...

References

NVD-CWE-Otherhttp://secway.org/advisory/AD20070108.txthttp://www.securityfocus.com/bid/21935http://secunia.com/advisories/23663http://securityreason.com/securityalert/2128http://osvdb.org/32654http://www.vupen.com/english/advisories/2007/0094https://exchange.xforce.ibmcloud.com/vulnerabilities/31361http://www.securityfocus.com/archive/1/456259/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/29403/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook