CVE-2007-0161

Severity

41%

Complexity

27%

Confidentiality

106%

The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.

The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.

CVSS 2.0 Base Score 4.1. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:S/C:P/I:P/A:P).

Overview

Type

HP

First reported 18 years ago

2007-01-10 00:28:00

Last updated 6 years ago

2018-10-16 16:31:00

Affected Software

HP PML Driver HPZ12

HP Color LaserJet 4650

HP Officejet 4100

HP Officejet 5100

HP Officejet 5500

HP Officejet 6100

HP Officejet 7100

HP Officejet D

HP Officejet G

HP Officejet K

HP PSC 1100

HP PSC 1200

HP PSC 1210 All-in-One

HP PSC 1300

HP PSC 2100

HP PSC 2200

HP PSC 2400 Photosmart All-in-one

HP PSC 2500 Photosmart All-in-one

HP PSC 2510 Photosmart Printer

HP PSC 700

HP PSC 900

References

32654

23663

Vendor Advisory

2128

http://secway.org/advisory/AD20070108.txt

Vendor Advisory

20070108 HP Multiple Products PML Driver Local Privilege Escalation

21935

Exploit

ADV-2007-0094

pml-driver-config-privilege-escalation(31361)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.