Vulnerability-Lookup

BDU:2020-00812

Vulnerability from fstec - Published: 27.09.2019

Title

Уязвимость PostScript- и PDF-совместимых интерпретаторов программного обеспечения Qualcomm IPS, вызванная целочисленным переполнением, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость PostScript- и PDF-совместимых интерпретаторов программного обеспечения Qualcomm IPS вызвана целочисленным переполнением. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

HP Inc., Qualcomm Technologies Inc.

Software Name

HP OfficeJet Pro 8210 (D9L63A - D9L64A, T0G70A, J3P65A - J3P68A), HP PageWide 352dw (J6U57A - J6U57B), HP PageWide 377dw (J9V80A, J9V80B), HP PageWide Managed P55250dw (J6U55A - J6U55D, J6U51B), HP PageWide Managed P57750dw (J9V82A - J9V82D, J9V78B), HP PageWide Managed P52750dw (J9V82A - J9V82D, J9V78B), HP PageWide Pro 452dn (D3Q15A, D3Q15B, D3Q15D), HP PageWide Pro 452dw (D3Q16A - D3Q16D, W2Z52B), HP PageWide Pro 477dn (D3Q19A, D3Q19B, D3Q19D), HP PageWide Pro 477dw (D3Q20A, D3Q20B, D3Q20C, D3Q20D, W2Z53B), HP PageWide Pro 552dw (2DR21D, D3Q17A - D3Q17D, K9Z74A - K9Z74D), HP PageWide Pro 577dw (D3Q21A,D3Q21B, D3Q21C, D3Q21D), HP PageWide Pro 577z (K9Z76A, K9Z76B, K9Z76D), IPS

Software Version

до 001.1937C (HP OfficeJet Pro 8210 (D9L63A - D9L64A, T0G70A, J3P65A - J3P68A)), до 001.1937D (HP PageWide 352dw (J6U57A - J6U57B)), до 001.1937D (HP PageWide 377dw (J9V80A, J9V80B)), до 001.1937D (HP PageWide Managed P55250dw (J6U55A - J6U55D, J6U51B)), до 001.1937D (HP PageWide Managed P57750dw (J9V82A - J9V82D, J9V78B)), до 001.1937D (HP PageWide Managed P52750dw (J9V82A - J9V82D, J9V78B)), до 001.1937D (HP PageWide Pro 452dn (D3Q15A, D3Q15B, D3Q15D)), до 001.1937D (HP PageWide Pro 452dw (D3Q16A - D3Q16D, W2Z52B)), до 001.1937D (HP PageWide Pro 477dn (D3Q19A, D3Q19B, D3Q19D)), до 001.1937D (HP PageWide Pro 477dw (D3Q20A, D3Q20B, D3Q20C, D3Q20D, W2Z53B)), до 001.1937D (HP PageWide Pro 552dw (2DR21D, D3Q17A - D3Q17D, K9Z74A - K9Z74D)), до 001.1937D (HP PageWide Pro 577dw (D3Q21A,D3Q21B, D3Q21C, D3Q21D)), до 001.1937D (HP PageWide Pro 577z (K9Z76A, K9Z76B, K9Z76D)), до 2019.2 (IPS)

Possible Mitigations

Использование рекомендаций: Для программных продуктов Hewlett-Packard Development Company L.P.: https://support.hp.com/us-en/document/c06458150 Для Qualcomm IPS: https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

Reference

https://support.hp.com/us-en/document/c06458150 https://nvd.nist.gov/vuln/detail/CVE-2019-10627 https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

CWE

CWE-190

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "HP Inc., Qualcomm Technologies Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 001.1937C (HP OfficeJet Pro 8210 (D9L63A - D9L64A, T0G70A, J3P65A - J3P68A)), \u0434\u043e 001.1937D (HP PageWide 352dw (J6U57A - J6U57B)), \u0434\u043e 001.1937D (HP PageWide 377dw (J9V80A, J9V80B)), \u0434\u043e 001.1937D (HP PageWide Managed P55250dw (J6U55A - J6U55D, J6U51B)), \u0434\u043e 001.1937D (HP PageWide Managed P57750dw (J9V82A - J9V82D, J9V78B)), \u0434\u043e 001.1937D (HP PageWide Managed P52750dw (J9V82A - J9V82D, J9V78B)), \u0434\u043e 001.1937D (HP PageWide Pro 452dn (D3Q15A, D3Q15B, D3Q15D)), \u0434\u043e 001.1937D (HP PageWide Pro 452dw (D3Q16A - D3Q16D, W2Z52B)), \u0434\u043e 001.1937D (HP PageWide Pro 477dn (D3Q19A, D3Q19B, D3Q19D)), \u0434\u043e 001.1937D (HP PageWide Pro 477dw (D3Q20A, D3Q20B, D3Q20C, D3Q20D, W2Z53B)), \u0434\u043e 001.1937D (HP PageWide Pro 552dw (2DR21D, D3Q17A - D3Q17D, K9Z74A - K9Z74D)), \u0434\u043e 001.1937D (HP PageWide Pro 577dw (D3Q21A,D3Q21B, D3Q21C, D3Q21D)), \u0434\u043e 001.1937D (HP PageWide Pro 577z (K9Z76A, K9Z76B, K9Z76D)), \u0434\u043e 2019.2 (IPS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Hewlett-Packard Development Company L.P.:\nhttps://support.hp.com/us-en/document/c06458150\n\n\u0414\u043b\u044f Qualcomm IPS:\nhttps://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.03.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.03.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00812",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-10627",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "HP OfficeJet Pro 8210 (D9L63A - D9L64A, T0G70A, J3P65A - J3P68A), HP PageWide 352dw (J6U57A - J6U57B), HP PageWide 377dw (J9V80A, J9V80B), HP PageWide Managed P55250dw (J6U55A - J6U55D, J6U51B), HP PageWide Managed P57750dw (J9V82A - J9V82D, J9V78B), HP PageWide Managed P52750dw (J9V82A - J9V82D, J9V78B), HP PageWide Pro 452dn (D3Q15A, D3Q15B, D3Q15D), HP PageWide Pro 452dw (D3Q16A - D3Q16D, W2Z52B), HP PageWide Pro 477dn (D3Q19A, D3Q19B, D3Q19D), HP PageWide Pro 477dw (D3Q20A, D3Q20B, D3Q20C, D3Q20D, W2Z53B), HP PageWide Pro 552dw (2DR21D, D3Q17A - D3Q17D, K9Z74A - K9Z74D), HP PageWide Pro 577dw (D3Q21A,D3Q21B, D3Q21C, D3Q21D), HP PageWide Pro 577z (K9Z76A, K9Z76B, K9Z76D), IPS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PostScript- \u0438 PDF-\u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Qualcomm IPS, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0426\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0446\u0438\u043a\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0434\u0432\u0438\u0433 (CWE-190)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c PostScript- \u0438 PDF-\u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Qualcomm IPS \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://support.hp.com/us-en/document/c06458150\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-10627\nhttps://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-190",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

CVE-2019-10627 (GCVE-0-2019-10627)

Vulnerability from cvelistv5 – Published: 2019-11-21 14:38 – Updated: 2024-08-04 22:31

Summary

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

Severity ?

No CVSS data available.

CWE

Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters

Assigner

qualcomm

References

URL

Tags

	https://support.hp.com/us-en/document/c06458150	x_refsource_MISC
	https://www.qualcomm.com/company/product-security…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Qualcomm, Inc.	PostScript and PDF printers that use IPS versions prior to 2019.2	Affected: PostScript and PDF printers that use IPS versions prior to 2019.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:31:59.930Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.hp.com/us-en/document/c06458150"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PostScript and PDF printers that use IPS versions prior to 2019.2",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "PostScript and PDF printers that use IPS versions prior to 2019.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-25T12:40:49.000Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.hp.com/us-en/document/c06458150"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@qualcomm.com",
          "ID": "CVE-2019-10627",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PostScript and PDF printers that use IPS versions prior to 2019.2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "PostScript and PDF printers that use IPS versions prior to 2019.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Qualcomm, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hp.com/us-en/document/c06458150",
              "refsource": "MISC",
              "url": "https://support.hp.com/us-en/document/c06458150"
            },
            {
              "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin",
              "refsource": "CONFIRM",
              "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2019-10627",
    "datePublished": "2019-11-21T14:38:22.000Z",
    "dateReserved": "2019-03-29T00:00:00.000Z",
    "dateUpdated": "2024-08-04T22:31:59.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2020-00812

CVE-2019-10627 (GCVE-0-2019-10627)

Tags

Sightings

Nomenclature