CVE-2009-3842

Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain "access to data" or cause a denial of service via unknown vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=125864723627975&w=2	Patch
http://secunia.com/advisories/37433	Vendor Advisory
http://www.securityfocus.com/bid/37070
http://www.vupen.com/english/advisories/2009/3293

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:hp:color_laserjet_cp3525_printer:53:021.2::::::
	cpe:2.3:h:hp:color_laserjet_m3530_multifunction_printer:05.058.4:::::::*

History

No history.

Information

Published : 2009-11-20 17:30

Updated : 2009-12-19 06:59

NVD link : CVE-2009-3842

Mitre link : CVE-2009-3842

CVE.ORG link : CVE-2009-3842

JSON object : View

Products Affected

hp

color_laserjet_cp3525_printer
color_laserjet_m3530_multifunction_printer

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-3842", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-11-20T17:30:00.530", "references": [{"url": "http://marc.info/?l=bugtraq&m=125864723627975&w=2", "tags": ["Patch"], "source": "hp-security-alert@hp.com"}, {"url": "http://secunia.com/advisories/37433", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/bid/37070", "source": "hp-security-alert@hp.com"}, {"url": "http://www.vupen.com/english/advisories/2009/3293", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain \"access to data\" or cause a denial of service via unknown vectors."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en la impresora multifunci\u00f3n HP Color LaserJet M3530 con firmware v05.058.4 firmware y la Color LaserJet CP3525 con firmware v53.021.2 permite a atacantes remotos obtener \"acceso a los datos\" o provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."}], "lastModified": "2009-12-19T06:59:00.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hp:color_laserjet_cp3525_printer:53:021.2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FD3A17D-1047-4AFD-87AF-077B46F38556"}, {"criteria": "cpe:2.3:h:hp:color_laserjet_m3530_multifunction_printer:05.058.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3E54350-37C6-4052-B869-4C6EFEB5E0BE"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}