CVE-2002-1796

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
References
Link Resource
http://online.securityfocus.com/advisories/4317 Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory
http://www.iss.net/security_center/static/9695.php Broken Link
http://www.phenoelit.de/stuff/HP_Chai.txt Broken Link Vendor Advisory
http://www.securityfocus.com/archive/1/284648 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/5334 Broken Link Third Party Advisory VDB Entry
http://online.securityfocus.com/advisories/4317 Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory
http://www.iss.net/security_center/static/9695.php Broken Link
http://www.phenoelit.de/stuff/HP_Chai.txt Broken Link Vendor Advisory
http://www.securityfocus.com/archive/1/284648 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/5334 Broken Link Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:hp:chaivm_ezloader:-:*:*:*:*:*:*:*
OR cpe:2.3:h:hp:laserjet_4100:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4500:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4550:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_8150:-:*:*:*:*:*:*:*

History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () http://online.securityfocus.com/advisories/4317 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://online.securityfocus.com/advisories/4317 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References () http://www.iss.net/security_center/static/9695.php - Broken Link () http://www.iss.net/security_center/static/9695.php - Broken Link
References () http://www.phenoelit.de/stuff/HP_Chai.txt - Broken Link, Vendor Advisory () http://www.phenoelit.de/stuff/HP_Chai.txt - Broken Link, Vendor Advisory
References () http://www.securityfocus.com/archive/1/284648 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/284648 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/5334 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/5334 - Broken Link, Third Party Advisory, VDB Entry

08 Feb 2024, 20:47

Type Values Removed Values Added
First Time Hp laserjet 4500
Hp laserjet 4100
Hp laserjet 8150
Hp laserjet 4550
Hp chaivm Ezloader
CWE NVD-CWE-Other CWE-347
CVSS v2 : 4.6
v3 : unknown
v2 : 4.6
v3 : 7.8
CPE cpe:2.3:a:hp:chaivm:*:*:*:*:*:*:*:* cpe:2.3:h:hp:laserjet_4100:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4500:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_4550:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:laserjet_8150:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:chaivm_ezloader:-:*:*:*:*:*:*:*
References (MISC) http://www.phenoelit.de/stuff/HP_Chai.txt - Vendor Advisory (MISC) http://www.phenoelit.de/stuff/HP_Chai.txt - Broken Link, Vendor Advisory
References (XF) http://www.iss.net/security_center/static/9695.php - (XF) http://www.iss.net/security_center/static/9695.php - Broken Link
References (BUGTRAQ) http://www.securityfocus.com/archive/1/284648 - (BUGTRAQ) http://www.securityfocus.com/archive/1/284648 - Broken Link, Third Party Advisory, VDB Entry
References (HP) http://online.securityfocus.com/advisories/4317 - Patch, Vendor Advisory (HP) http://online.securityfocus.com/advisories/4317 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
References (BID) http://www.securityfocus.com/bid/5334 - (BID) http://www.securityfocus.com/bid/5334 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:42


NVD link : CVE-2002-1796

Mitre link : CVE-2002-1796

CVE.ORG link : CVE-2002-1796


JSON object : View

Products Affected

hp

  • laserjet_4500
  • chaivm_ezloader
  • laserjet_4550
  • laserjet_4100
  • laserjet_8150
CWE
CWE-347

Improper Verification of Cryptographic Signature