CVE-2011-4166

Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

CVE-2011-4168

Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

Directory traversal

Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

Code injection

Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

Directory traversal

Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

Stack overflow

Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp...

CVE-2011-4166

CVE-2011-4166 corresponds to a directory traversal vulnerability in HP Managed Printing Administration (MPA) in the MPAUploader.Uploader.1.UploadFiles() function. Affected software is HP MPA before version 2.6.4. The vulnerability permits remote attackers to create arbitrary files by submitting c...

CVE-2011-4167

CVE-2011-4167 : A stack-based buffer overflow in HP Managed Printing Administration (MPAUploader.dll) prior to v2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp. Exploitation was reported against HP MPA before 2.6.4, enab...

CVE-2011-4169

HP Managed Printing Administration before 2.6.4 is affected by CVE-2011-4169. The vulnerability arises in the img_id parameter handling within multiple HP MP A scripts (imglist/imgselect, imgmap/bgselect, imgmap/imgselect) where input can be manipulated to perform SQL injection and directory trav...

CVE-2011-4166

Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

CVE-2011-4168

Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data...

CVE-2011-4169

Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

CVE-2011-4167

Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp...

CVE-2011-4168

Summary : CVE-2011-4168 affects HP Managed Printing Administration prior to v2.6.4. Affected component : hpmpa/jobDelivery/Default.asp within HP Managed Printing Administration. Root cause / vulnerability type : Directory traversal vulnerability that allows an attacker to influence file creation ...

HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities

Binary data 6113.prm...

ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-11-352 December 22, 2011 - -- CVE ID: CVE-2011-4166 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors:...

ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-353 December 22, 2011 - -- CVE ID: CVE-2011-4167 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...

HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPAUploader.dll file. An extended length string can be passed...

HP Managed Printing Administration jobAcct Multiple Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char...

HPSBPI02732 SSRT100435 rev.2 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities

Potential Security Impact Remote execution of arbitrary code, directory traversal, creation and deletion of arbitrary files, unauthorized access to application database VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Managed Printing Administration. These...