Action not permitted
Modal body text goes here.
Modal Title
Modal Body
jvndb-2025-002790
Vulnerability from jvndb
Published
2025-04-02 15:05
Modified
2025-04-02 15:05
Severity ?
Summary
Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers
Details
Out-of-bounds Write vulnerabilities were found in Canon printer drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers.
* Out-of-bounds Write vulnerability on curve segmentation (CWE-787) - CVE-2025-0234
* Out-of-bounds Write vulnerability on image rendering (CWE-787) - CVE-2025-0235
* Out-of-bounds Write vulnerability on slope processing during curve rendering
(CWE-787) - CVE-2025-0236
* Out-of-bounds Write vulnerability on EMF records processing (CWE-787) - CVE-2025-1268
Canon Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and Canon Inc. coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Canon | (multiple product) |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-002790.html",
"dc:date": "2025-04-02T15:05+09:00",
"dcterms:issued": "2025-04-02T15:05+09:00",
"dcterms:modified": "2025-04-02T15:05+09:00",
"description": "Out-of-bounds Write vulnerabilities were found in Canon printer drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers.\r\n\r\n * Out-of-bounds Write vulnerability on curve segmentation (CWE-787) - CVE-2025-0234\r\n * Out-of-bounds Write vulnerability on image rendering (CWE-787) - CVE-2025-0235\r\n * Out-of-bounds Write vulnerability on slope processing during curve rendering \r\n (CWE-787) - CVE-2025-0236\r\n * Out-of-bounds Write vulnerability on EMF records processing (CWE-787) - CVE-2025-1268\r\n\r\nCanon Inc. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and Canon Inc. coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-002790.html",
"sec:cpe": {
"#text": "cpe:/a:canon:multiple_product",
"@product": "(multiple product)",
"@vendor": "Canon",
"@version": "2.2"
},
"sec:cvss": {
"@score": "9.4",
"@severity": "Critical",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-002790",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU93701955/index.html",
"@id": "JVNVU#93701955",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-0234",
"@id": "CVE-2025-0234",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-0235",
"@id": "CVE-2025-0235",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-0236",
"@id": "CVE-2025-0236",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-1268",
"@id": "CVE-2025-1268",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/787.html",
"@id": "CWE-787",
"@title": "Out-of-bounds Write(CWE-787)"
}
],
"title": "Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers"
}
CVE-2025-0236 (GCVE-0-2025-0236)
Vulnerability from cvelistv5
Published
2025-02-26 01:57
Modified
2025-02-26 15:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.canon/advisory-information/cp2025-002/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Canon Inc. | Generic PCL6 V4 Printer Driver |
Version: 2.1 and earlier |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:50:16.241282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:34:35.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Generic PCL6 V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic UFR II V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic LIPSLX V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.\u003c/p\u003e"
}
],
"value": "Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T01:57:43.244Z",
"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"shortName": "Canon"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.canon/advisory-information/cp2025-002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"assignerShortName": "Canon",
"cveId": "CVE-2025-0236",
"datePublished": "2025-02-26T01:57:43.244Z",
"dateReserved": "2025-01-06T07:14:01.885Z",
"dateUpdated": "2025-02-26T15:34:35.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1268 (GCVE-0-2025-1268)
Vulnerability from cvelistv5
Published
2025-03-31 00:52
Modified
2025-06-16 08:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Canon Inc. | Generic Plus PCL6 Printer Driver |
Version: 3.12 and earlier |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1268",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T16:40:01.006604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T16:40:17.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Generic Plus PCL6 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.12 and earlier"
}
]
},
{
"product": "Generic Plus UFR II Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.12 and earlier"
}
]
},
{
"product": "Generic Plus LIPS4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.12 and earlier"
}
]
},
{
"product": "Generic Plus LIPSLX Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.12 and earlier"
}
]
},
{
"product": "Generic Plus PS Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "3.12 and earlier"
}
]
},
{
"product": "Generic FAX Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "10.65 and earlier"
}
]
},
{
"product": "UFRII LT Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "30.88 and earlier"
}
]
},
{
"product": "CARPS2 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "31.01 and earlier"
}
]
},
{
"product": "PDF Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "1.0.5.0 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver\u003c/p\u003e"
}
],
"value": "Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / PDF Driver"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T08:21:21.728Z",
"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"shortName": "Canon"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.canon/advisory-information/cp2025-003/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://canon.jp/support/support-info/250328vulnerability-response"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.usa.canon.com/about-us/to-our-customers/service-notice-vulnerability-remediation-for-certain-printer-drivers-for-production-printers-office-small-office-multifunction-printers-and-laser-printers"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.canon-europe.com/support/product-security/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"assignerShortName": "Canon",
"cveId": "CVE-2025-1268",
"datePublished": "2025-03-31T00:52:18.516Z",
"dateReserved": "2025-02-13T06:57:20.778Z",
"dateUpdated": "2025-06-16T08:21:21.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0234 (GCVE-0-2025-0234)
Vulnerability from cvelistv5
Published
2025-02-26 01:52
Modified
2025-02-26 15:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.canon/advisory-information/cp2025-002/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Canon Inc. | Generic PCL6 V4 Printer Driver |
Version: 2.1 and earlier |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:50:21.291232Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:43:00.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Generic PCL6 V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic UFR II V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic LIPSLX V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.\u003c/p\u003e"
}
],
"value": "Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T01:52:31.822Z",
"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"shortName": "Canon"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.canon/advisory-information/cp2025-002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"assignerShortName": "Canon",
"cveId": "CVE-2025-0234",
"datePublished": "2025-02-26T01:52:31.822Z",
"dateReserved": "2025-01-06T07:13:55.361Z",
"dateUpdated": "2025-02-26T15:43:00.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0235 (GCVE-0-2025-0235)
Vulnerability from cvelistv5
Published
2025-02-26 01:56
Modified
2025-02-26 15:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.canon/advisory-information/cp2025-002/ | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Canon Inc. | Generic PCL6 V4 Printer Driver |
Version: 2.1 and earlier |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0235",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:50:18.802449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:34:43.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Generic PCL6 V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic UFR II V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
},
{
"product": "Generic LIPSLX V4 Printer Driver",
"vendor": "Canon Inc.",
"versions": [
{
"status": "affected",
"version": "2.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOut-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.\u003c/p\u003e"
}
],
"value": "Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T01:56:46.621Z",
"orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"shortName": "Canon"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.canon/advisory-information/cp2025-002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
"assignerShortName": "Canon",
"cveId": "CVE-2025-0235",
"datePublished": "2025-02-26T01:56:24.945Z",
"dateReserved": "2025-01-06T07:13:59.255Z",
"dateUpdated": "2025-02-26T15:34:43.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…