Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for color_laserjet_3600n by hp

    CVE-2009-2684 (GCVE-0-2009-2684)

    Vulnerability from nvd – Published: 2009-10-13 10:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/36613 vdb-entryx_refsource_BID
    http://dsecrg.com/pages/vul/show.php?id=148 x_refsource_MISC
    http://www.vupen.com/english/advisories/2009/2850 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/36969 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/507038/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=125493484205823&w=2 vendor-advisoryx_refsource_HP
    Date Public
    2009-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36613",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36613"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dsecrg.com/pages/vul/show.php?id=148"
              },
              {
                "name": "ADV-2009-2850",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2850"
              },
              {
                "name": "36969",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36969"
              },
              {
                "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
              },
              {
                "name": "hp-laserjet-unspecified-xss(53677)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
              },
              {
                "name": "HPSBPI02463",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
              },
              {
                "name": "SSRT090061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36613",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36613"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dsecrg.com/pages/vul/show.php?id=148"
            },
            {
              "name": "ADV-2009-2850",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2850"
            },
            {
              "name": "36969",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36969"
            },
            {
              "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
            },
            {
              "name": "hp-laserjet-unspecified-xss(53677)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
            },
            {
              "name": "HPSBPI02463",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
            },
            {
              "name": "SSRT090061",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2684",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36613",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36613"
                },
                {
                  "name": "http://dsecrg.com/pages/vul/show.php?id=148",
                  "refsource": "MISC",
                  "url": "http://dsecrg.com/pages/vul/show.php?id=148"
                },
                {
                  "name": "ADV-2009-2850",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2850"
                },
                {
                  "name": "36969",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36969"
                },
                {
                  "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
                },
                {
                  "name": "hp-laserjet-unspecified-xss(53677)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
                },
                {
                  "name": "HPSBPI02463",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
                },
                {
                  "name": "SSRT090061",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2684",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2684 (GCVE-0-2009-2684)

    Vulnerability from cvelistv5 – Published: 2009-10-13 10:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/36613 vdb-entryx_refsource_BID
    http://dsecrg.com/pages/vul/show.php?id=148 x_refsource_MISC
    http://www.vupen.com/english/advisories/2009/2850 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/36969 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/507038/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=125493484205823&w=2 vendor-advisoryx_refsource_HP
    Date Public
    2009-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:56.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36613",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36613"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dsecrg.com/pages/vul/show.php?id=148"
              },
              {
                "name": "ADV-2009-2850",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/2850"
              },
              {
                "name": "36969",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36969"
              },
              {
                "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
              },
              {
                "name": "hp-laserjet-unspecified-xss(53677)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
              },
              {
                "name": "HPSBPI02463",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
              },
              {
                "name": "SSRT090061",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36613",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36613"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dsecrg.com/pages/vul/show.php?id=148"
            },
            {
              "name": "ADV-2009-2850",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/2850"
            },
            {
              "name": "36969",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36969"
            },
            {
              "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
            },
            {
              "name": "hp-laserjet-unspecified-xss(53677)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
            },
            {
              "name": "HPSBPI02463",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
            },
            {
              "name": "SSRT090061",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2684",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36613",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/36613"
                },
                {
                  "name": "http://dsecrg.com/pages/vul/show.php?id=148",
                  "refsource": "MISC",
                  "url": "http://dsecrg.com/pages/vul/show.php?id=148"
                },
                {
                  "name": "ADV-2009-2850",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/2850"
                },
                {
                  "name": "36969",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/36969"
                },
                {
                  "name": "20091007 [DSECRG-09-048] HP LaserJet printers - Multiple Stored XSS vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/507038/100/0/threaded"
                },
                {
                  "name": "hp-laserjet-unspecified-xss(53677)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53677"
                },
                {
                  "name": "HPSBPI02463",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
                },
                {
                  "name": "SSRT090061",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=125493484205823\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2684",
        "datePublished": "2009-10-13T10:00:00.000Z",
        "dateReserved": "2009-08-05T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:56.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }