Vulnerability Description
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Color Laserjet 3000 | q7534a |
| Hp | Color Laserjet 3800 | q5981a |
| Hp | Color Laserjet 4700 | q7492a |
| Hp | Color Laserjet 4730 Mfp | cb480a |
| Hp | Color Laserjet 5550 | q3714a |
| Hp | Color Laserjet 9500 Mfp | c8549a |
| Hp | Color Laserjet Cm6030 Mfp | ce664a |
| Hp | Color Laserjet Cm6040 Mfp | q3939a |
| Hp | Color Laserjet Cp3505 | cb442a |
| Hp | Color Laserjet Cp3525 | cc469a |
| Hp | Color Laserjet Cp4005 | cb503a |
| Hp | Color Laserjet Cp6015 | q3932a |
| Hp | Color Laserjet Enterprise Cp4025 | cc490a |
| Hp | Color Laserjet Enterprise Cp4525 | cc493a |
| Hp | Digital Sender 9250C | cb472a |
| Hp | Laserjet 4240 | q7785a |
| Hp | Laserjet 4250 | q5400a |
| Hp | Laserjet 4345 Mfp | q3942a |
| Hp | Laserjet 4350 | q5407a |
| Hp | Laserjet 5200L | q7543a |
References
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avai
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avai
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
FAQ
What is CVE-2012-5221?
CVE-2012-5221 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3x...
How severe is CVE-2012-5221?
CVE-2012-5221 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5221?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Color Laserjet 3000, Hp Color Laserjet 3800, Hp Color Laserjet 4700, Hp Color Laserjet 4730 Mfp, Hp Color Laserjet 5550.