Computer Security
[EN] securityvulns.ru no-pyccku


HP Managed Printing Administration multiple security vulnerabilities
updated since 26.12.2011
Published:09.01.2012
Source:
SecurityVulns ID:12115
Type:remote
Threat Level:
6/10
Description:Buffer overflows, unauthorized files access, directory raversal.
CVE:CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
 CVE-2011-4168 (Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
 CVE-2011-4167 (Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.)
 CVE-2011-4166 (Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
Original documentdocumentHP, [security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities (09.01.2012)
 documentZDI, ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities (09.01.2012)
 documentZDI, ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities (26.12.2011)
 documentZDI, ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability (26.12.2011)
 documentZDI, ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities (26.12.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod