CVE-2006-1654

Published Apr 6, 2006

Last updated 6 years ago

Overview

Description: Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:hp:color_laserjet_2500_toolbox:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A304024-34D2-42C3-98F4-6BE6BEEEE380"
          },
          {
            "criteria": "cpe:2.3:a:hp:color_laserjet_4600_toolbox:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93C88DC2-EAE6-443A-BAF2-78943D1F88C5"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet:4600dn:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B99CE20D-49C1-4F5B-9C38-9CAE666A291B"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet:4600dtn:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43DEF370-33FF-427F-A18B-7256856F7231"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet:4600hdn:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "001EEE62-31B1-40AC-81BC-A75D75798887"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_2500:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2E92501-3E8C-4E61-9B65-87A7344747E4"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_2500l:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16651605-4616-44F8-8401-8DD057932BBA"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_2500lse:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ADB9132-CEF5-47A0-AC21-BE6B7F89B166"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_2500n:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEB99C79-1DB4-4545-8457-515B1F9F484B"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_2500tn:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95B58AD8-F848-4286-8AB4-A8EA0372D5D2"
          },
          {
            "criteria": "cpe:2.3:h:hp:color_laserjet_4600:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6A133B7-AEA8-4F26-8632-2CEDE9EBB66E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References