CVE-2019-10627

CRITICAL

Qualcomm Ips < 2019.2 - Integer Overflow

Title source: rule

Description

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

References (2)

[Vendor Advisory] https://support.hp.com/us-en/document/c06458150

[Third Party Advisory] https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Scores

CVSS v3 9.8

EPSS 0.0056

EPSS Percentile 68.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119 CWE-190 CWE-131

Status published

Products (42)

hp/2dr21d_firmware < 001.1937d

hp/d3q15a_firmware < 001.1937d

hp/d3q15b_firmware < 001.1937d

hp/d3q15d_firmware < 001.1937d

hp/d3q16a_firmware < 001.1937d

hp/d3q16d_firmware < 001.1937d

hp/d3q17a_firmware < 001.1937d

hp/d3q17d_firmware < 001.1937d

hp/d3q19a_firmware < 001.1937d

hp/d3q19b_firmware < 001.1937d

... and 32 more

Published Nov 21, 2019

Tracked Since Feb 18, 2026