CVE-2019-10627

Name: CVE-2019-10627
Creator: NVD / NIST
Published: 2019-11-21T15:15:13.76+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 1.39%

Last modified Jun 17, 2026

CVE-2019-10627 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2. EPSS estimates a 1.39% chance of exploitation in the next 30 days.

Description

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

1.39%

68.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Qualcomm	Ips	< 2019.2
Hp	D9l63a Firmware	< 001.1937c
Hp	D9l64a Firmware	< 001.1937c
Hp	T0g70a Firmware	< 001.1937c
Hp	J3p65a Firmware	< 001.1937c
Hp	J3p68a Firmware	< 001.1937c
Hp	J6u57a Firmware	< 001.1937d
Hp	J6u57b Firmware	< 001.1937d
Hp	J9v80a Firmware	< 001.1937d
Hp	J9v80b Firmware	< 001.1937d
Hp	J6u55a Firmware	< 001.1937d
Hp	J6u55d Firmware	< 001.1937d
Hp	J6u51b Firmware	< 001.1937d
Hp	J9v82a Firmware	< 001.1937d
Hp	J9v82d Firmware	< 001.1937d
Hp	J9v78b Firmware	< 001.1937d
Hp	D3q15a Firmware	< 001.1937d
Hp	D3q15b Firmware	< 001.1937d
Hp	D3q15d Firmware	< 001.1937d
Hp	D3q16a Firmware	< 001.1937d
Hp	D3q16d Firmware	< 001.1937d
Hp	W2z52b Firmware	< 001.1937d
Hp	D3q19a Firmware	< 001.1937d
Hp	D3q19b Firmware	< 001.1937d
Hp	D3q19d Firmware	< 001.1937d
Hp	D3q20a Firmware	< 001.1937d
Hp	D3q20b Firmware	< 001.1937d
Hp	D3q20c Firmware	< 001.1937d
Hp	D3q20d Firmware	< 001.1937d
Hp	W2z53b Firmware	< 001.1937d
Hp	2dr21d Firmware	< 001.1937d
Hp	D3q17a Firmware	< 001.1937d
Hp	D3q17d Firmware	< 001.1937d
Hp	K9z74a Firmware	< 001.1937d
Hp	K9z74d Firmware	< 001.1937d
Hp	D3q21a Firmware	< 001.1937d
Hp	D3q21b Firmware	< 001.1937d
Hp	D3q21c Firmware	< 001.1937d
Hp	D3q21d Firmware	< 001.1937d
Hp	K9z76a Firmware	< 001.1937d
Hp	K9z76b Firmware	< 001.1937d
Hp	K9z76d Firmware	< 001.1937d

References

https://support.hp.com/us-en/document/c06458150Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletinThird Party Advisory
https://support.hp.com/us-en/document/c06458150Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletinThird Party Advisory

Timeline

Published: Nov 21, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-10627?

How severe is CVE-2019-10627?

CVE-2019-10627 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 1.39% probability of exploitation in the next 30 days.

How do I fix CVE-2019-10627?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-10627?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST