CVE-2010-3920
Published Dec 8, 2010
Last updated 14 years ago
Overview
- Description
- The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or as downloaded from the vendor between May 2010 and 20101125, set weak permissions for the "C:\Program Files" folder, which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.
- Source
- vultures@jpcert.or.jp
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:epson:lp-s7100:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5741D0D8-8F00-4E38-8798-A39D5467C4C9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epson:lp-s7100_driver_4.1.0:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4620B936-4901-40AC-B6CC-F73C49958FEE"
},
{
"criteria": "cpe:2.3:a:epson:lp-s7100_driver_4.1.7:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29B69116-7F42-4BF5-A580-1B26EB83ACF0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:epson:lp-s9000:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F4E6E2CE-BDC3-447E-82CD-F4AC3FDDA99D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:epson:lp-s9000_driver_4.1.0:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1671F4CB-0843-4791-B746-E29AE0A63BFF"
},
{
"criteria": "cpe:2.3:a:epson:lp-s9000_driver_4.1.11:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D90FCB26-B2A7-4043-88F9-78ADC5F8E5F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]