Search
Find a vulnerability
Search criteria
2 vulnerabilities found for chaivm_ezloader by hp
CVE-2002-1796 (GCVE-0-2002-1796)
Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2025-01-16 19:24
VLAI
EPSS
VEX
Summary
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.phenoelit.de/stuff/HP_Chai.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/5334 | vdb-entryx_refsource_BID |
| http://online.securityfocus.com/advisories/4317 | vendor-advisoryx_refsource_HP |
| http://www.iss.net/security_center/static/9695.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/284648 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/284648"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2002-1796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-09T17:57:39.682936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T19:24:39.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/284648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.phenoelit.de/stuff/HP_Chai.txt",
"refsource": "MISC",
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/284648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1796",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2025-01-16T19:24:39.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1796 (GCVE-0-2002-1796)
Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2025-01-16 19:24
VLAI
EPSS
VEX
Summary
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.phenoelit.de/stuff/HP_Chai.txt | x_refsource_MISC |
| http://www.securityfocus.com/bid/5334 | vdb-entryx_refsource_BID |
| http://online.securityfocus.com/advisories/4317 | vendor-advisoryx_refsource_HP |
| http://www.iss.net/security_center/static/9695.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/284648 | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/284648"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2002-1796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-09T17:57:39.682936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T19:24:39.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/284648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.phenoelit.de/stuff/HP_Chai.txt",
"refsource": "MISC",
"url": "http://www.phenoelit.de/stuff/HP_Chai.txt"
},
{
"name": "5334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5334"
},
{
"name": "HPSBUX0207-203",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/4317"
},
{
"name": "hp-chaivm-add-services(9695)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9695.php"
},
{
"name": "20020227 Phenoelit Advisory #0815 +--",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/284648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1796",
"datePublished": "2005-06-28T04:00:00.000Z",
"dateReserved": "2005-06-28T04:00:00.000Z",
"dateUpdated": "2025-01-16T19:24:39.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}