CVE-2010-3920

The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*
OR cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*
cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*
OR cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*
cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-12-08 20:00

Updated : 2024-02-28 11:41


NVD link : CVE-2010-3920

Mitre link : CVE-2010-3920

CVE.ORG link : CVE-2010-3920


JSON object : View

Products Affected

epson

  • lp-s7100_driver_4.1.0
  • lp-s7100
  • lp-s7100_driver_4.1.7
  • lp-s9000_driver_4.1.0
  • lp-s9000_driver_4.1.11
  • lp-s9000
CWE
CWE-264

Permissions, Privileges, and Access Controls