Strix
26.1K

CVE-2012-5221

UnknownEPSS 3.85%

Last modified

CVE-2012-5221 is a vulnerability of currently unknown severity. Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.. EPSS estimates a 3.85% chance of exploitation in the next 30 days.

Description

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

Metrics

EPSS Probability
3.85%

88.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
HpColor Laserjet 3000q7534a
HpColor Laserjet 3800q5981a
HpColor Laserjet 4700q7492a
HpColor Laserjet 4730 Mfpcb480a
HpColor Laserjet 5550q3714a
HpColor Laserjet 9500 Mfpc8549a
HpColor Laserjet Cm6030 Mfpce664a
HpColor Laserjet Cm6040 Mfpq3939a
HpColor Laserjet Cp3505cb442a
HpColor Laserjet Cp3525cc469a
HpColor Laserjet Cp4005cb503a
HpColor Laserjet Cp6015q3932a
HpColor Laserjet Enterprise Cp4025cc490a
HpColor Laserjet Enterprise Cp4525cc493a
HpDigital Sender 9250ccb472a
HpLaserjet 4240q7785a
HpLaserjet 4250q5400a
HpLaserjet 4345 Mfpq3942a
HpLaserjet 4350q5407a
HpLaserjet 5200lq7543a
HpLaserjet 5200nq7543a
HpLaserjet 9040q7697a
HpLaserjet 9040 Mfpq3721a
HpLaserjet 9050q7697a
HpLaserjet 9050 Mfpq3721a
HpLaserjet Enterprise P3015ce526a
HpLaserjet M3027 Mfpcb416a
HpLaserjet M3035 Mfpcb414a
HpLaserjet M3035 Mfpcc519a
HpLaserjet M4345 Mfpcb425a
HpLaserjet M5025 Mfpq7840a
HpLaserjet M5035 Mfpq7829a
HpLaserjet M9040 Mpfcc394a
HpLaserjet M9050 Mpfcc395a
HpLaserjet P3005q7812a
HpLaserjet P4014cb507a
HpLaserjet P4015cb509a
HpLaserjet P4515cb514a

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-5221?
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.
How severe is CVE-2012-5221?
Severity scoring for CVE-2012-5221 is pending analysis. The EPSS model estimates a 3.85% probability of exploitation in the next 30 days.
How do I fix CVE-2012-5221?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-5221?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST