var-201012-0350
Vulnerability from variot
The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories. As a result, users that do not have permission to access that folder can gain access to that folder. According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability. Also, users of Windows Vista and later operating systems are not affected. The Epson LP-S7100 / LP-S9000 is a family of high performance printers. There is a problem with the Epson LP-S7100 / LP-S9000 driver installation, allowing local users to increase privileges. Because the default permissions for \"C:\Program Files\" and its subdirectories are not set correctly (\"Everyone\" group is fully controlled), local users can exploit the vulnerability to overwrite any file in these folders, resulting in elevation of privilege. Local attackers can exploit this issue to gain elevated privileges on affected devices. The following driver versions are vulnerable: LP-S7100 4.1.0fi through 4.1.7fi and 4.1.0hi through 4.1.7hi LP-S9000 4.1.0fc through 4.1.11fc and 4.1.0hc through 4.1.11hc. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: Epson LP-S7100 / LP-S9000 Drivers Insecure Default Permissions
SECUNIA ADVISORY ID: SA42540
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42540
RELEASE DATE: 2010-12-08
DISCUSS ADVISORY: http://secunia.com/advisories/42540/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42540/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42540
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A security issue has been reported in Epson LP-S7100 / LP-S9000 drivers, which can be exploited by malicious, local users to gain escalated privileges.
The security issue is reported in the following versions: * LP-S7100 32bit edition versions 4.1.0fi through 4.1.7fi * LP-S7100 64bit edition versions 4.1.0hi through 4.1.7hi * LP-S9000 32bit edition versions 4.1.0fc through 4.1.11fc * LP-S9000 64bit edition versions 4.1.0hc through 4.1.11hc
SOLUTION: Update to a patched version and reset permissions. Please see the vendor's advisory for more details.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.epson.jp/support/misc/lps7100_9000/index.htm
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201012-0350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "lp-s9000 driver 4.1.11",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": "*"
},
{
"model": "lp-s7100 driver 4.1.7",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": "*"
},
{
"model": "lp-s7100 driver 4.1.0",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": "*"
},
{
"model": "lp-s9000 driver 4.1.0",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": "*"
},
{
"model": "lp-s9000 4.1.0fc",
"scope": null,
"trust": 0.9,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.0hc",
"scope": null,
"trust": 0.9,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.11fc",
"scope": null,
"trust": 0.9,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.11hc",
"scope": null,
"trust": 0.9,
"vendor": "epson",
"version": null
},
{
"model": "driver for lp-s7100",
"scope": "eq",
"trust": 0.8,
"vendor": "seiko epson",
"version": "prior to ver4.1.11 (32-bit and 64-bit)"
},
{
"model": "driver for lp-s9000",
"scope": "eq",
"trust": 0.8,
"vendor": "seiko epson",
"version": "prior to ver4.1.7 (32-bit and 64-bit)"
},
{
"model": "lp-s9000 4.1.0fi",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.0hi",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.7fi",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000 4.1.7hi",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s9000",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s7100",
"scope": null,
"trust": 0.6,
"vendor": "epson",
"version": null
},
{
"model": "lp-s7100 4.1.7hi",
"scope": null,
"trust": 0.3,
"vendor": "epson",
"version": null
},
{
"model": "lp-s7100 4.1.7fi",
"scope": null,
"trust": 0.3,
"vendor": "epson",
"version": null
},
{
"model": "lp-s7100 4.1.0hi",
"scope": null,
"trust": 0.3,
"vendor": "epson",
"version": null
},
{
"model": "lp-s7100 4.1.0fi",
"scope": null,
"trust": 0.3,
"vendor": "epson",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "BID",
"id": "45258"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:epson:lp-s7100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:epson:lp-s9000",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "45258"
}
],
"trust": 0.3
},
"cve": "CVE-2010-3920",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2010-3920",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2010-000059",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-3920",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2010-000059",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201012-100",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the \"C:\\Program Files\" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories. As a result, users that do not have permission to access that folder can gain access to that folder. According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability. Also, users of Windows Vista and later operating systems are not affected. The Epson LP-S7100 / LP-S9000 is a family of high performance printers. There is a problem with the Epson LP-S7100 / LP-S9000 driver installation, allowing local users to increase privileges. Because the default permissions for \\\"C:\\\\Program Files\\\" and its subdirectories are not set correctly (\\\"Everyone\\\" group is fully controlled), local users can exploit the vulnerability to overwrite any file in these folders, resulting in elevation of privilege. \nLocal attackers can exploit this issue to gain elevated privileges on affected devices. \nThe following driver versions are vulnerable:\nLP-S7100 4.1.0fi through 4.1.7fi and 4.1.0hi through 4.1.7hi\nLP-S9000 4.1.0fc through 4.1.11fc and 4.1.0hc through 4.1.11hc. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nEpson LP-S7100 / LP-S9000 Drivers Insecure Default Permissions\n\nSECUNIA ADVISORY ID:\nSA42540\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42540/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540\n\nRELEASE DATE:\n2010-12-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42540/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42540/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA security issue has been reported in Epson LP-S7100 / LP-S9000\ndrivers, which can be exploited by malicious, local users to gain\nescalated privileges. \n\nThe security issue is reported in the following versions:\n* LP-S7100 32bit edition versions 4.1.0fi through 4.1.7fi\n* LP-S7100 64bit edition versions 4.1.0hi through 4.1.7hi\n* LP-S9000 32bit edition versions 4.1.0fc through 4.1.11fc\n* LP-S9000 64bit edition versions 4.1.0hc through 4.1.11hc\n\nSOLUTION:\nUpdate to a patched version and reset permissions. Please see the\nvendor\u0027s advisory for more details. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.epson.jp/support/misc/lps7100_9000/index.htm\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-3920"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "BID",
"id": "45258"
},
{
"db": "PACKETSTORM",
"id": "96501"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-3920",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "42540",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN62736872",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "69678",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-3107",
"trust": 0.6
},
{
"db": "JVN",
"id": "JVN#62736872",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100",
"trust": 0.6
},
{
"db": "BID",
"id": "45258",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "96501",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "BID",
"id": "45258"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "PACKETSTORM",
"id": "96501"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"id": "VAR-201012-0350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
}
],
"trust": 1.2666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
}
]
},
"last_update_date": "2024-11-23T22:42:52.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "To the users of LP-S7100/LP-S9000",
"trust": 0.8,
"url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
},
{
"title": "Epson LP-S7100 / LP-S9000 Unsafe Directory Permissions Elevation of Privilege Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/1998"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://jvn.jp/en/jp/jvn62736872/index.html"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/42540"
},
{
"trust": 2.0,
"url": "http://www.epson.jp/support/misc/lps7100_9000/index.htm"
},
{
"trust": 1.8,
"url": "http://osvdb.org/69678"
},
{
"trust": 1.6,
"url": "http://jvndb.jvn.jp/ja/contents/2010/jvndb-2010-000059.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3920"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3920"
},
{
"trust": 0.7,
"url": "http://secunia.com/advisories/42540/"
},
{
"trust": 0.3,
"url": "http://www.epson.jp/products/offirio/printer/lps7100/"
},
{
"trust": 0.3,
"url": "http://www.epson.jp/products/offirio/printer/lps9000/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42540/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42540"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "BID",
"id": "45258"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "PACKETSTORM",
"id": "96501"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"db": "BID",
"id": "45258"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"db": "PACKETSTORM",
"id": "96501"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"date": "2010-12-08T00:00:00",
"db": "BID",
"id": "45258"
},
{
"date": "2010-12-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"date": "2010-12-08T05:23:36",
"db": "PACKETSTORM",
"id": "96501"
},
{
"date": "2010-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"date": "2010-12-08T20:00:01.713000",
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3107"
},
{
"date": "2010-12-08T00:00:00",
"db": "BID",
"id": "45258"
},
{
"date": "2010-12-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-000059"
},
{
"date": "2010-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-100"
},
{
"date": "2024-11-21T01:19:54.250000",
"db": "NVD",
"id": "CVE-2010-3920"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "45258"
},
{
"db": "PACKETSTORM",
"id": "96501"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in Epson printer driver installer where access permissions are changed",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-000059"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201012-100"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…