12 matches found
HP Printer Cross-Site Request Forgery (CVE-2009-0940)
Multiple cross-site request forgery CSRF vulnerabilities in the HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that 1 print documents via unknown vectors, 2 modif...
EUVD-2009-2677
Malware in sbrugna...
[security bulletin] HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03102449 Version: 1 HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default NOTICE: The information in this Security Bulletin should b...
HPSBPI02728 SSRT100692 rev.7 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default
Potential Security Impact Remote firmware update enabled by default VULNERABILITY SUMMARY In November, 2011, a potential security vulnerability was identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware...
CVE-2009-2684
CVE-2009-2684 concerns stored XSS in HP LaserJet/Color LaserJet printer web interfaces (Jetdirect and Embedded Web Server) and HP Digital Senders. The vulnerability enables remote attackers to inject arbitrary web script or HTML through the parameters (1) Product_URL and (2) Tech_URL in the suppo...
[DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities
Digital Security Research Group DSecRG Advisory DSECRG-09-048 http://dsecrg.ru/pages/vul/show.php?id=148 Application: HP LaserJet printer web interface Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others Vendor URL: http://www.hp.com/ Bug: Multiple Stored XSS Vulnerabilities Exploits:...
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
Digital Security Research Group DSecRG Advisory DSECRG-09-048 http://dsecrg.ru/pages/vul/show.php?id=148 Application: HP LaserJet printer web interface Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others Vendor URL: http://www.hp.com/ Bug: Multiple Stored XSS Vulnerabilities Exploits:...
HP Multiple LasterJet Printer xss
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-048 http://dsecrg.ru/pages/vul/show.php?id=148 Application: HP LaserJet printer web interface Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others Vendor URL: http://www.hp.com/ Bug: Multiple...
CVE-2009-0941
The CVE-2009-0941 entry concerns the HP Embedded Web Server (EWS) used by HP LaserJet, Edgeline Printers, and Digital Senders. The vulnerability is due to the device exposing an interface with no management password by default, which can enable remote access. According to the NVD entry, this is a...
CVE-2009-0940
Multiple cross-site request forgery CSRF vulnerabilities in the HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that 1 print documents via unknown vectors, 2 modif...
CVE-2009-0940
The CVE-2009-0940 entry describes multiple CSRF vulnerabilities in the HP Embedded Web Server (EWS) used by HP LaserJet printers, Edgeline printers, and Digital Senders. The vulnerabilities allow an attacker to hijack a user’s intranet connectivity to perform requests such as (1) printing documen...
HPSBPI02398 SSRT080166 rev.7 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
Potential Security Impact Remote unauthorized access to files VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerability could be exploited remotely to gain unauthorized acces...