1. Home
  2. CVE Database
  3. CVE-2006-1654
MEDIUM · 5.0

CVE-2006-1654

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (d...

Vulnerability Description

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HpColor Laserjet 2500 ToolboxAll versions
HpColor Laserjet 4600 ToolboxAll versions
HpColor Laserjet4600dn
HpColor Laserjet 2500All versions
HpColor Laserjet 2500LAll versions
HpColor Laserjet 2500LseAll versions
HpColor Laserjet 2500NAll versions
HpColor Laserjet 2500TnAll versions
HpColor Laserjet 4600All versions

References

FAQ

What is CVE-2006-1654?

CVE-2006-1654 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (d...

How severe is CVE-2006-1654?

CVE-2006-1654 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1654?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet 2500 Toolbox, Hp Color Laserjet 4600 Toolbox, Hp Color Laserjet, Hp Color Laserjet 2500, Hp Color Laserjet 2500L.