CVE-2007-0161

Name of the Vulnerable Software and Affected Versions HP all-in-one drivers (affected versions not specified)

Description The issue concerns the PML Driver HPZ12, specifically the HPZipm12.exe file, which has insecure SERVICE CHANGE CONFIG DACL permissions. This allows local users to gain privileges and execute arbitrary programs. For example, this can be achieved by modifying the binpath argument.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.