9.1
CVE-2019-16240
- EPSS 0.92%
- Published 09.11.2021 15:15:08
- Last modified 21.11.2024 04:30:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
Data is provided by the National Vulnerability Database (NVD)
Hp ≫ Pagewide Pro 577z K9z76a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577z K9z76b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577z K9z76d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577dw D3q21a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577dw D3q21b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577dw D3q21c Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 577dw D3q21d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 552dw 2dr21d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 552dw D3q17a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 552dw D3q17d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 552dw K9z74a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 552dw K9z74d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dw D3q20a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dw D3q20b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dw D3q20c Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dw D3q20d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dw W2z53b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dn D3q19d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dn D3q19b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 477dn D3q19a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dw W2z52b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dw D3q16d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dw D3q16a Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dn D3q15d Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dn D3q15b Firmware Version < 001.1937d
Hp ≫ Pagewide Pro 452dn D3q15a Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P52750dw J9v78b Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P52750dw J9v82d Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P52750dw J9v82a Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P57750dw J9v78b Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P57750dw J9v82d Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P57750dw J9v82a Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P55250dw J6u51b Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P55250dw J6u55d Firmware Version < 001.1937d
Hp ≫ Pagewide Managed P55250dw J6u55a Firmware Version < 001.1937d
Hp ≫ Pagewide 377dw J9v80b Firmware Version < 001.1937d
Hp ≫ Pagewide 377dw J9v80a Firmware Version < 001.1937d
Hp ≫ Pagewide 352dw J6u57b Firmware Version < 001.1937d
Hp ≫ Pagewide 352dw J6u57a Firmware Version < 001.1937d
Hp ≫ Officejet Pro 8210 D9l63a Firmware Version < 001.1937c
Hp ≫ Officejet Pro 8210 D9l64a Firmware Version < 001.1937c
Hp ≫ Officejet Pro 8210 J3p65a Firmware Version < 001.1937c
Hp ≫ Officejet Pro 8210 J3p68a Firmware Version < 001.1937c
Hp ≫ Officejet Pro 8210 T0g70a Firmware Version < 001.1937c
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.92% | 0.751 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.