Unknown
CVE-2007-0161
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- color laserjet 4650,
- officejet 4100,
- officejet 5100,
- officejet 5500,
- officejet 6100,
- officejet 7100,
- officejet d,
- officejet g,
- officejet k,
- pml driver hpz12,
- psc 1100,
- psc 1200,
- psc 1210 all-in-one,
- psc 1300,
- psc 2100,
- psc 2200,
- psc 2400 photosmart all-in-one,
- psc 2500 photosmart all-in-one,
- psc 2510 photosmart,
- psc 700,
- psc 900
References
Advisory
Miscellaneous
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
