Main Vulnerability Database SB2014100810

SB2014100810 - Multiple vulnerabilities in HP Sprinter

Published: October 8, 2014 Updated: April 18, 2023

Security Bulletin ID SB2014100810

Severity

Medium

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Remote access

Highest impact Data manipulation

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2014-2635)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2343.

2) Input validation error (CVE-ID: CVE-2014-2636)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2336.

3) Input validation error (CVE-ID: CVE-2014-2637)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2342.

4) Input validation error (CVE-ID: CVE-2014-2638)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in HP Sprinter 12.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2344.

Install update from vendor's website.