Vulnerability Description
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Chaivm Ezloader | - |
| Hp | Laserjet 4100 | - |
| Hp | Laserjet 4500 | - |
| Hp | Laserjet 4550 | - |
| Hp | Laserjet 8150 | - |
Related Weaknesses (CWE)
References
- http://online.securityfocus.com/advisories/4317Broken LinkPatchThird Party Advisory
- http://www.iss.net/security_center/static/9695.phpBroken Link
- http://www.phenoelit.de/stuff/HP_Chai.txtBroken LinkVendor Advisory
- http://www.securityfocus.com/archive/1/284648Broken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/5334Broken LinkThird Party AdvisoryVDB Entry
- http://online.securityfocus.com/advisories/4317Broken LinkPatchThird Party Advisory
- http://www.iss.net/security_center/static/9695.phpBroken Link
- http://www.phenoelit.de/stuff/HP_Chai.txtBroken LinkVendor Advisory
- http://www.securityfocus.com/archive/1/284648Broken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/5334Broken LinkThird Party AdvisoryVDB Entry
FAQ
What is CVE-2002-1796?
CVE-2002-1796 is a vulnerability with a CVSS score of 7.8 (HIGH). ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
How severe is CVE-2002-1796?
CVE-2002-1796 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1796?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Chaivm Ezloader, Hp Laserjet 4100, Hp Laserjet 4500, Hp Laserjet 4550, Hp Laserjet 8150.