CVE-2019-10627 — CRITICAL (9.8)

Q: How severe is CVE-2019-10627?

CVE-2019-10627 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2019-10627?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ips, Hp D9L63A Firmware, Hp D9L63A, Hp D9L64A Firmware, Hp D9L64A.

Vulnerability Description

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Qualcomm	Ips	< 2019.2
Hp	D9L63A Firmware	< 001.1937c
Hp	D9L63A	-
Hp	D9L64A Firmware	< 001.1937c
Hp	D9L64A	-
Hp	T0G70A Firmware	< 001.1937c
Hp	T0G70A	-
Hp	J3P65A Firmware	< 001.1937c
Hp	J3P65A	-
Hp	J3P68A Firmware	< 001.1937c
Hp	J3P68A	-
Hp	J6U57A Firmware	< 001.1937d
Hp	J6U57A	-
Hp	J6U57B Firmware	< 001.1937d
Hp	J6U57B	-
Hp	J9V80A Firmware	< 001.1937d
Hp	J9V80A	-
Hp	J9V80B Firmware	< 001.1937d
Hp	J9V80B	-
Hp	J6U55A Firmware	< 001.1937d

Related Weaknesses (CWE)

CWE-119 CWE-190 CWE-131

References

https://support.hp.com/us-en/document/c06458150Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletiThird Party Advisory
https://support.hp.com/us-en/document/c06458150Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletiThird Party Advisory

FAQ

What is CVE-2019-10627?

CVE-2019-10627 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and ...

How severe is CVE-2019-10627?

CVE-2019-10627 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-10627?

Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Ips, Hp D9L63A Firmware, Hp D9L63A, Hp D9L64A Firmware, Hp D9L64A.