CVE-2018-17944

On certain Lexmark devices that communicate with an LDAP or SMTP server, a malicious administrator can discover LDAP or SMTP credentials by changing that server's hostname to one that they control, and then capturing the credentials that are sent there. This occurs because stored credentials are...

Lexmark Printer Shortcut Integrity Vulnerability (CVE-2019-6489)

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices allow remote attackers to erase stored shortcuts. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Multiple Lexmark Product Input Validation Vulnerabilities

Lexmark is an American developer and manufacturer of printers. An input validation vulnerability exists in multiple Lexmark products, which could be exploited by an attacker to perform a delete operation...

CVE-2019-6489

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts...

Code injection

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts...

CVE-2019-6489

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts...

CVE-2019-6489

The vulnerability CVE-2019-6489 affects Lexmark devices: CX, MX, X, XC, XM, XS, and 6500e printers. The public description states that, prior to 2019-02-11, remote attackers could erase stored shortcuts, implying an issue with how input is handled by the device. Connected sources align on the sam...

CVE-2019-6489

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts...

Lexmark Printer Buffer Overflow Vulnerability (CVE-2018-15520)

Multiple Lexmark printers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Lexmark Printer Buffer Overflow Vulnerability (CVE-2018-15519)

Multiple Lexmark printers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

User ‘Gross Negligence’ Leaves Hundreds of Lexmark Printers Open to Attack

UPDATE Researchers at NewSky Security have found hundreds of Lexmark printers misconfigured, open to the public internet and easily accessible to anyone interested in taking control of targeted devices. Researchers identified 1,123 Lexmark printers traced back to businesses, universities and in...

Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability(CVE-2016-5646)

Description An exploitable heap overflow vulnerability exists in the Compound Binary File Format CBFF parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can cause a code execution. An attacker can send a malformed file to trigger this vulnerability...

LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability(CVE-2016-4335)

Description An exploitable buffer overflow exists in the XLS parsing of the Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulting in remote code execution. Tested Versions Lexmark Perceptive Document Filters Product URLs...

Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability(CVE-2017-2806)

Summary An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 Tested...

Lexmark LibISYSpdf Image Rendering DCTStream::getBlock() Code Execution Vulnerability(CVE-2017-2822)

Summary An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack....

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability(CVE-2017-2821)

Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in direct code execution. Tested Versions Lexmark Perceptive Document Filters...

CVE-2017-13771

Lexmark Scan To Network SNF 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to 1 cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or 2...

CVE-2017-13771

Lexmark Scan To Network SNF 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to 1 cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or 2...

CVE-2017-13771

CVE-2017-13771 affects Lexmark Scan To Network (SNF)

Lexmark Perspective Document Filters Remote Code Execution Vulnerability

Lexmark Perspective Document Filters is a single software development kit SDK for depth checking, formatting, output manipulation and viewing of virtually any type of content. A remote code execution vulnerability exists in Lexmark Perspective Document Filters versions 11.3.0.2400 and 11.4.0.2452...