PT-2019-2242 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

Publicado

2019-05-31

Atualizado

2019-10-24

CVE-2019-6327

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419 HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426

Description The issue is related to a potential Buffer Overflow in the IPP Parser. It may also be associated with a Cross-Site Request Forgery (CSRF) vulnerability in the HP Color LaserJet Pro printer series' firmware, which could allow a remote attacker to cause a denial of service.

Recommendations For HP Color LaserJet Pro M280-M281 Multifunction Printer series versions before 20190419, update to a version 20190419 or later. For HP LaserJet Pro MFP M28-M31 Printer series versions before 20190426, update to a version 20190426 or later.

Correção

CSRF

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352CWE-120

Identificadores relacionados

BDU:2019-02013

CVE-2019-6327

Produtos afetados

Hp Color Laserjet Pro M280-M281

Hp Laserjet Pro Mfp M28-M31

PT-2019-2242 · Hewlett Packard · Hp Laserjet Pro Mfp M28-M31+1

CVE-2019-6327

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4