Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
jvnJapan Vulnerability NotesJVN:11708203
HistorySep 13, 2019 - 12:00 a.m.

JVN#11708203: Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs)

2019-09-1300:00:00
Japan Vulnerability Notes
jvn.jp
121

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.1%

JSON

Multiple printers and Multifunction Printers (MFPs) provided by RICOH COMPANY, LTD. contain multiple buffer overflows vulnerabilities listed below.

Buffer overflow in parsing HTTP cookie header (CWE-119) - CVE-2019-14300

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5

Buffer overflow in parsing HTTP parameter setting for Wifi, mDNS, POP3, SMTP and alert (CWE-119) - CVE-2019-14305

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5

Buffer overflow in parsing HTTP parameter setting for SNMP (CWE-119) - CVE-2019-14307

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5

Buffer overflow in parsing LPD packet (CWE-119) - CVE-2019-14308

Version Vector Score
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P Base Score: 7.5

Impact

A remote attacker may be able to cause a denial-of-service (DoS) condition or may execute arbitrary code.

Solution

Update the Firmware
Apply the appropriate firmware update according to the information provided by the developer.

Products Affected

A wide range of the products is affected.
For more information, refer to the information provided by the developer.

Related

openvas 2
nessus 4
nvd 4
prion 4
cve 4
cvelist 4
openvas
openvas
RICOH Printers Multiple Vulnerabilities (Aug 2019)
2019-09-02 00:00:00
RICOH Printers M C250FW, M C250FWB, P C300W, P C301W < 1.02 Multiple Vulnerabilities
2020-01-29 00:00:00
nessus
nessus
RICOH SP C250 Series Buffer Overflow (CVE-2019-14307)
2024-02-13 00:00:00
RICOH SP C250 Series Buffer Overflow (CVE-2019-14300)
2024-02-13 00:00:00
RICOH SP C250 Series Buffer Overflow (CVE-2019-14305)
2024-02-13 00:00:00
nvd
nvd
CVE-2019-14307
2019-08-26 15:15:11
CVE-2019-14300
2019-08-26 15:15:11
CVE-2019-14305
2019-08-26 15:15:11
prion
prion
Buffer overflow
2019-08-26 15:15:00
Buffer overflow
2019-08-26 15:15:00
Buffer overflow
2019-08-26 14:15:00
cve
cve
CVE-2019-14300
2019-08-26 15:15:11
CVE-2019-14307
2019-08-26 15:15:11
CVE-2019-14305
2019-08-26 15:15:11
cvelist
cvelist
CVE-2019-14300
2019-08-26 14:22:06
CVE-2019-14307
2019-08-26 14:18:04
CVE-2019-14308
2019-08-26 13:28:30

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.1%

JSON
Related for JVN:11708203
openvas2nessus4nvd4prion4cve4cvelist4