ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
References
Link | Resource |
---|---|
http://online.securityfocus.com/advisories/4317 | Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory |
http://www.iss.net/security_center/static/9695.php | Broken Link |
http://www.phenoelit.de/stuff/HP_Chai.txt | Broken Link Vendor Advisory |
http://www.securityfocus.com/archive/1/284648 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/5334 | Broken Link Third Party Advisory VDB Entry |
http://online.securityfocus.com/advisories/4317 | Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory |
http://www.iss.net/security_center/static/9695.php | Broken Link |
http://www.phenoelit.de/stuff/HP_Chai.txt | Broken Link Vendor Advisory |
http://www.securityfocus.com/archive/1/284648 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/5334 | Broken Link Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Nov 2024, 23:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://online.securityfocus.com/advisories/4317 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | () http://www.iss.net/security_center/static/9695.php - Broken Link | |
References | () http://www.phenoelit.de/stuff/HP_Chai.txt - Broken Link, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/284648 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/5334 - Broken Link, Third Party Advisory, VDB Entry |
08 Feb 2024, 20:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Hp laserjet 4500
Hp laserjet 4100 Hp laserjet 8150 Hp laserjet 4550 Hp chaivm Ezloader |
|
CWE | CWE-347 | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CPE | cpe:2.3:h:hp:laserjet_4100:-:*:*:*:*:*:*:* cpe:2.3:h:hp:laserjet_4500:-:*:*:*:*:*:*:* cpe:2.3:h:hp:laserjet_4550:-:*:*:*:*:*:*:* cpe:2.3:h:hp:laserjet_8150:-:*:*:*:*:*:*:* cpe:2.3:a:hp:chaivm_ezloader:-:*:*:*:*:*:*:* |
|
References | (MISC) http://www.phenoelit.de/stuff/HP_Chai.txt - Broken Link, Vendor Advisory | |
References | (XF) http://www.iss.net/security_center/static/9695.php - Broken Link | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/284648 - Broken Link, Third Party Advisory, VDB Entry | |
References | (HP) http://online.securityfocus.com/advisories/4317 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/5334 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2002-12-31 05:00
Updated : 2024-11-20 23:42
NVD link : CVE-2002-1796
Mitre link : CVE-2002-1796
CVE.ORG link : CVE-2002-1796
JSON object : View
Products Affected
hp
- laserjet_4500
- chaivm_ezloader
- laserjet_4550
- laserjet_4100
- laserjet_8150
CWE
CWE-347
Improper Verification of Cryptographic Signature