Description
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742
Various Sources third-party-advisory
x_refsource_idefense
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023
Scores
EPSS
0.0206
EPSS Percentile
84.1%
Details
Status
published
Products (38)
hp/color_laserjet_3000
q7534a
hp/color_laserjet_3800
q5981a
hp/color_laserjet_4700
q7492a
hp/color_laserjet_4730_mfp
cb480a
hp/color_laserjet_5550
q3714a
hp/color_laserjet_9500_mfp
c8549a
hp/color_laserjet_cm6030_mfp
ce664a
hp/color_laserjet_cm6040_mfp
q3939a
hp/color_laserjet_cp3505
cb442a
hp/color_laserjet_cp3525
cc469a
... and 28 more
Published
Apr 29, 2013
Tracked Since
Feb 18, 2026