Execution of arbitrary code or Denial of Service
Source: HP Product Security Response Team (PSRT)
Reported by: Check Point Software
Integer overflow in SOAP (Simple Object Access Protocol) function in Genivia gSOAP allows execution of arbitrary code or denial of service, aka Devil’s Ivy attack.
HP has provided firmware updates for impacted printers as indicated in the table below. Follow these steps to obtain the updated firmware:
Go to www.hp.com
Select Support at the top of the page, then click Software & drivers.
Enter the appropriate product name or model number from the table below into the search field.
Click Find.
Scroll down and click Firmware from the category list.
Click the Download button for appropriate firmware.