{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-25T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-12-23T21:57:01", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"name": "HPSBPI02869", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "SSRT100936", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2012-5221", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "HPSBPI02869", "refsource": "HP", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "SSRT100936", "refsource": "HP", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability", "refsource": "IDEFENSE", "url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:58:03.213Z"}, "title": "CVE Program Container", "references": [{"name": "HPSBPI02869", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "SSRT100936", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}, {"name": "20130426 Hewlett-Packard Multiple Printers PostScript Interpreter Directory Traversal Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"}]}]}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2012-5221", "datePublished": "2013-04-29T21:00:00", "dateReserved": "2012-10-01T00:00:00", "dateUpdated": "2024-08-06T20:58:03.213Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:hp:color_laserjet_3000:q7534a:*:*:*:*:*:*:*", "matchCriteriaId": "5F29EB4F-23B6-4875-8205-082A2691C652", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_3800:q5981a:*:*:*:*:*:*:*", "matchCriteriaId": "84F21488-DCD7-48B9-A8A3-9631B59DB078", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4700:q7492a:*:*:*:*:*:*:*", "matchCriteriaId": "CE7F42C9-3C34-4631-949F-CF663D263367", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_4730_mfp:cb480a:*:*:*:*:*:*:*", "matchCriteriaId": "ED28FCCA-8127-4240-97BC-CBB075B0ABC2", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_5550:q3714a:*:*:*:*:*:*:*", "matchCriteriaId": "84B6EFDF-C99F-425C-A90A-2D3E7FF0DEF7", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_9500_mfp:c8549a:*:*:*:*:*:*:*", "matchCriteriaId": "83AE0FF2-987B-4649-BB62-7C8264411A0C", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm6030_mfp:ce664a:*:*:*:*:*:*:*", "matchCriteriaId": "6AA57C0C-3BDB-4142-A6BC-091BDA7DFBFE", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cm6040_mfp:q3939a:*:*:*:*:*:*:*", "matchCriteriaId": "F898C744-5304-4A09-AA2B-FB0807EB0E9D", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp3505:cb442a:*:*:*:*:*:*:*", "matchCriteriaId": "92C41C33-22A8-40D1-AEE0-30F1AE68ECE6", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp3525:cc469a:*:*:*:*:*:*:*", "matchCriteriaId": "3C6F8A9C-3CB7-4ED7-A429-B38756C38DF6", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp4005:cb503a:*:*:*:*:*:*:*", "matchCriteriaId": "CF9C45B9-754F-48F4-9AAB-89F6EAA75DD7", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_cp6015:q3932a:*:*:*:*:*:*:*", "matchCriteriaId": "E6401654-D769-4EF0-87BF-75AE3E1B2AC0", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4025:cc490a:*:*:*:*:*:*:*", "matchCriteriaId": "891EEE00-61A5-4FD5-8EBB-B35B077C8BE6", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:color_laserjet_enterprise_cp4525:cc493a:*:*:*:*:*:*:*", "matchCriteriaId": "B7F925A9-96FE-4F0D-ADA6-DB7A9690A0C1", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:digital_sender_9250c:cb472a:*:*:*:*:*:*:*", "matchCriteriaId": "EAF4BAA8-430F-4448-A454-64FC333E5904", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_4240:q7785a:*:*:*:*:*:*:*", "matchCriteriaId": "768B6070-68EB-4748-A4D2-7C99FD7A5669", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_4250:q5400a:*:*:*:*:*:*:*", "matchCriteriaId": "86E90120-D1E4-4569-BCF4-6E2AE0AB04DB", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_4345_mfp:q3942a:*:*:*:*:*:*:*", "matchCriteriaId": "FAF59890-654A-4AEE-BF52-93E7AA796046", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_4350:q5407a:*:*:*:*:*:*:*", "matchCriteriaId": "7F596D16-490E-4950-8A9B-5241906ED5B1", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_5200l:q7543a:*:*:*:*:*:*:*", "matchCriteriaId": "D60111B2-DAC6-4FB1-9921-B6550CAAD4C2", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_5200n:q7543a:*:*:*:*:*:*:*", "matchCriteriaId": "82F8D5DE-1D66-4F1E-B273-233814F0CC99", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_9040:q7697a:*:*:*:*:*:*:*", "matchCriteriaId": "D40FF37E-F95A-429D-BC5B-F48D7C47C88D", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_9040_mfp:q3721a:*:*:*:*:*:*:*", "matchCriteriaId": "162B0C2C-8C9C-467D-A309-8DDA7CE72B63", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_9050:q7697a:*:*:*:*:*:*:*", "matchCriteriaId": "660788B3-D2B6-4118-B443-9DE177FBE156", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_9050_mfp:q3721a:*:*:*:*:*:*:*", "matchCriteriaId": "69E39058-9565-4C1B-BB71-553ECB274216", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_enterprise_p3015:ce526a:*:*:*:*:*:*:*", "matchCriteriaId": "33ABE7DA-88CD-468B-9285-FE1509BA7D68", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m3027_mfp:cb416a:*:*:*:*:*:*:*", "matchCriteriaId": "BD3A0981-F09D-47B4-B441-3497291A9413", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:cb414a:*:*:*:*:*:*:*", "matchCriteriaId": "008B528D-EBA7-4CC5-8E2F-F68D78222E45", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m3035_mfp:cc519a:*:*:*:*:*:*:*", "matchCriteriaId": "AA629824-72AF-40A5-8427-F5AFDE3AEBC1", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m4345_mfp:cb425a:*:*:*:*:*:*:*", "matchCriteriaId": "D94328FB-B382-4231-8A4E-32C9AE7B8D33", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m5025_mfp:q7840a:*:*:*:*:*:*:*", "matchCriteriaId": "331317DD-0827-45B0-B2B9-A3713B3AA767", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m5035_mfp:q7829a:*:*:*:*:*:*:*", "matchCriteriaId": "AC132570-AB09-41CE-A3CF-755C9791171F", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m9040_mpf:cc394a:*:*:*:*:*:*:*", "matchCriteriaId": "EBB5A6D2-CFE3-4F7C-BD24-024D37836A65", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_m9050_mpf:cc395a:*:*:*:*:*:*:*", "matchCriteriaId": "E82E7BE5-3B46-47C2-A560-7C11CD8B361A", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_p3005:q7812a:*:*:*:*:*:*:*", "matchCriteriaId": "98B48314-2048-4856-80DA-EA08466EF53C", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_p4014:cb507a:*:*:*:*:*:*:*", "matchCriteriaId": "3D5FE9B2-99DD-4A4F-8914-B1DC6EA3B6C8", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_p4015:cb509a:*:*:*:*:*:*:*", "matchCriteriaId": "F95EFE75-1428-4461-9062-56952EB96D32", "vulnerable": true}, {"criteria": "cpe:2.3:h:hp:laserjet_p4515:cb514a:*:*:*:*:*:*:*", "matchCriteriaId": "EACC9283-F37A-426B-9AD9-05B2F8D6325D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005 y P4xxx; LaserJet Enterprise P3015; 3xxx Color LaserJet, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005 y CP6015, Color LaserJet Enterprise CP4xxx y digital Sender 9250c con firmware hasta la version v52.x permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2012-5221", "lastModified": "2013-12-31T04:19:32.537", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-04-29T21:55:00.997", "references": [{"source": "hp-security-alert@hp.com", "url": "http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023"}, {"source": "hp-security-alert@hp.com", "tags": ["Vendor Advisory"], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}