CVE-2007-0161

Summary

CVE	CVE-2007-0161
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-01-10 00:28:00 UTC
Updated	2018-10-16 16:31:00 UTC
Description	The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Hp	Color Laserjet 4650	All	All	All	All
Hardware	Hp	Color Laserjet 4650	All	All	All	All
Hardware	Hp	Officejet 4100	All	All	All	All
Hardware	Hp	Officejet 4100	All	All	All	All
Hardware	Hp	Officejet 5100	All	All	All	All
Hardware	Hp	Officejet 5100	All	All	All	All
Hardware	Hp	Officejet 5500	All	All	All	All
Hardware	Hp	Officejet 5500	All	All	All	All
Hardware	Hp	Officejet 6100	All	All	All	All
Hardware	Hp	Officejet 6100	All	All	All	All
Hardware	Hp	Officejet 7100	All	All	All	All
Hardware	Hp	Officejet 7100	All	All	All	All
Hardware	Hp	Officejet D	All	All	All	All
Hardware	Hp	Officejet D	All	All	All	All
Hardware	Hp	Officejet G	All	All	All	All
Hardware	Hp	Officejet G	All	All	All	All
Hardware	Hp	Officejet K	All	All	All	All
Hardware	Hp	Officejet K	All	All	All	All
Application	Hp	Pml Driver Hpz12	All	All	All	All
Application	Hp	Pml Driver Hpz12	All	All	All	All
Hardware	Hp	Psc 1100	All	All	All	All
Hardware	Hp	Psc 1100	All	All	All	All
Hardware	Hp	Psc 1200	All	All	All	All
Hardware	Hp	Psc 1200	All	All	All	All
Hardware	Hp	Psc 1210 All-in-one	All	All	All	All
Hardware	Hp	Psc 1210 All-in-one	All	All	All	All
Hardware	Hp	Psc 1300	All	All	All	All
Hardware	Hp	Psc 1300	All	All	All	All
Hardware	Hp	Psc 2100	All	All	All	All
Hardware	Hp	Psc 2100	All	All	All	All
Hardware	Hp	Psc 2200	All	All	All	All
Hardware	Hp	Psc 2200	All	All	All	All
Hardware	Hp	Psc 2400 Photosmart All-in-one	All	All	All	All
Hardware	Hp	Psc 2400 Photosmart All-in-one	All	All	All	All
Hardware	Hp	Psc 2500 Photosmart All-in-one	All	All	All	All
Hardware	Hp	Psc 2500 Photosmart All-in-one	All	All	All	All
Hardware	Hp	Psc 2510 Photosmart	All	All	All	All
Hardware	Hp	Psc 2510 Photosmart	All	All	All	All
Hardware	Hp	Psc 700	All	All	All	All
Hardware	Hp	Psc 700	All	All	All	All
Hardware	Hp	Psc 900	All	All	All	All
Hardware	Hp	Psc 900	All	All	All	All

References

Reference	Source	Link	Tags
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
HP PML Driver HPZ12 Windows Privilege Escalation Security Issue - Advisories - Secunia	SECUNIA	secunia.com	Vendor Advisory
32654	OSVDB	osvdb.org
SecurityFocus	BUGTRAQ	www.securityfocus.com
SecurityReason - HP Multiple Products PML Driver Local Privilege Escalation	SREASON	securityreason.com
ページが見つかりませんでした \| 目の下が赤い！それ赤クマかも？原因と治し方を教えて？	MISC	secway.org	Vendor Advisory
HP Multiple Products PML Driver HPZ12 Local Privilege Escalation Vulnerability	BID	www.securityfocus.com	Exploit
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.