National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2018-5924 Detail

Current Description

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.

Source:  MITRE
Description Last Modified:  08/13/2018
View Analysis Description

Impact

CVSS v3.0 Severity and Metrics:

Base Score: 9.8 CRITICAL
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (V3 legend)
Impact Score: 5.9
Exploitability Score: 3.9


Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

CVSS v2.0 Severity and Metrics:

Base Score: 7.5 HIGH
Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) (V2 legend)
Impact Subscore: 6.4
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://www.securityfocus.com/bid/105010 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041415 Third Party Advisory VDB Entry
https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/ Third Party Advisory
https://support.hp.com/us-en/document/c06097712 Vendor Advisory

Technical Details

Vulnerability Type (View All)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
AND
OR
cpe:2.3:o:hp:t8x44_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:t8x44:-:*:*:*:*:*:*:*
Configuration 2
AND
OR
cpe:2.3:o:hp:3aw51a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:3aw51a:-:*:*:*:*:*:*:*
Configuration 3
AND
OR
cpe:2.3:o:hp:a9u28b_firmware:1828b:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:a9u28b:-:*:*:*:*:*:*:*
Configuration 4
AND
OR
cpe:2.3:o:hp:d3a82a_firmware:1828b:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3a82a:-:*:*:*:*:*:*:*
Configuration 5
AND
OR
cpe:2.3:o:hp:v1n08a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:v1n08a:-:*:*:*:*:*:*:*
Configuration 6
AND
OR
cpe:2.3:o:hp:y5h80a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y5h80a:-:*:*:*:*:*:*:*
Configuration 7
AND
OR
cpe:2.3:o:hp:d4h24b_firmware:1826a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d4h24b:-:*:*:*:*:*:*:*
Configuration 8
AND
OR
cpe:2.3:o:hp:f5s57a_firmware:1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:f5s57a:-:*:*:*:*:*:*:*
Configuration 9
AND
OR
cpe:2.3:o:hp:k4t99b_firmware:1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:k4t99b:-:*:*:*:*:*:*:*
Configuration 10
AND
OR
cpe:2.3:o:hp:k4u04b_firmware:1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:k4u04b:-:*:*:*:*:*:*:*
Configuration 11
AND
OR
cpe:2.3:o:hp:t8x39_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:t8x39:-:*:*:*:*:*:*:*
Configuration 12
AND
OR
cpe:2.3:o:hp:1sh08_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:1sh08:-:*:*:*:*:*:*:*
Configuration 13
AND
OR
cpe:2.3:o:hp:3aw44a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:3aw44a:-:*:*:*:*:*:*:*
Configuration 14
AND
OR
cpe:2.3:o:hp:a9u19a_firmware:1828b:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:a9u19a:-:*:*:*:*:*:*:*
Configuration 15
AND
OR
cpe:2.3:o:hp:d3a78b_firmware:1828b:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3a78b:-:*:*:*:*:*:*:*
Configuration 16
AND
OR
cpe:2.3:o:hp:4uj28b_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:4uj28b:-:*:*:*:*:*:*:*
Configuration 17
AND
OR
cpe:2.3:o:hp:v1n01a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:v1n01a:-:*:*:*:*:*:*:*
Configuration 18
AND
OR
cpe:2.3:o:hp:y5h60a_firmware:1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y5h60a:-:*:*:*:*:*:*:*
Configuration 19
AND
OR
cpe:2.3:o:hp:d4h22a_firmware:1826a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d4h22a:-:*:*:*:*:*:*:*
Configuration 20
AND
OR
cpe:2.3:o:hp:j6u57b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j6u57b:-:*:*:*:*:*:*:*
Configuration 21
AND
OR
cpe:2.3:o:hp:j9v82a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v82a:-:*:*:*:*:*:*:*
Configuration 22
AND
OR
cpe:2.3:o:hp:j9v82b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v82b:-:*:*:*:*:*:*:*
Configuration 23
AND
OR
cpe:2.3:o:hp:j9v82c_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v82c:-:*:*:*:*:*:*:*
Configuration 24
AND
OR
cpe:2.3:o:hp:j9v82d_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v82d:-:*:*:*:*:*:*:*
Configuration 25
AND
OR
cpe:2.3:o:hp:y3z57_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y3z57:-:*:*:*:*:*:*:*
Configuration 26
AND
OR
cpe:2.3:o:hp:w1b33_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:w1b33:-:*:*:*:*:*:*:*
Configuration 27
AND
OR
cpe:2.3:o:hp:w1b39_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:w1b39:-:*:*:*:*:*:*:*
Configuration 28
AND
OR
cpe:2.3:o:hp:w1b37_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:w1b37:-:*:*:*:*:*:*:*
Configuration 29
AND
OR
cpe:2.3:o:hp:w1b38_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:w1b38:-:*:*:*:*:*:*:*
Configuration 30
AND
OR
cpe:2.3:o:hp:j6u55a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j6u55a:-:*:*:*:*:*:*:*
Configuration 31
AND
OR
cpe:2.3:o:hp:j6u55b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j6u55b:-:*:*:*:*:*:*:*
Configuration 32
AND
OR
cpe:2.3:o:hp:j6u55c_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j6u55c:-:*:*:*:*:*:*:*
Configuration 33
AND
OR
cpe:2.3:o:hp:j6u55d_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j6u55d:-:*:*:*:*:*:*:*
Configuration 34
AND
OR
cpe:2.3:o:hp:y3z45_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y3z45:-:*:*:*:*:*:*:*
Configuration 35
AND
OR
cpe:2.3:o:hp:y3z47_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y3z47:-:*:*:*:*:*:*:*
Configuration 36
AND
OR
cpe:2.3:o:hp:j9v80a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v80a:-:*:*:*:*:*:*:*
Configuration 37
AND
OR
cpe:2.3:o:hp:j9v80b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:j9v80b:-:*:*:*:*:*:*:*
Configuration 38
AND
OR
cpe:2.3:o:hp:d3q15a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q15a:-:*:*:*:*:*:*:*
Configuration 39
AND
OR
cpe:2.3:o:hp:d3q15b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q15b:-:*:*:*:*:*:*:*
Configuration 40
AND
OR
cpe:2.3:o:hp:d3q15d_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q15d:-:*:*:*:*:*:*:*
Configuration 41
AND
OR
cpe:2.3:o:hp:d3q17a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q17a:-:*:*:*:*:*:*:*
Configuration 42
AND
OR
cpe:2.3:o:hp:d3q17c_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q17c:-:*:*:*:*:*:*:*
Configuration 43
AND
OR
cpe:2.3:o:hp:d3q17d_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q17d:-:*:*:*:*:*:*:*
Configuration 44
AND
OR
cpe:2.3:o:hp:y3z46_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y3z46:-:*:*:*:*:*:*:*
Configuration 45
AND
OR
cpe:2.3:o:hp:y3z44_firmware:005.1828a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:y3z44:-:*:*:*:*:*:*:*
Configuration 46
AND
OR
cpe:2.3:o:hp:d3q19a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q19a:-:*:*:*:*:*:*:*
Configuration 47
AND
OR
cpe:2.3:o:hp:d3q19d_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q19d:-:*:*:*:*:*:*:*
Configuration 48
AND
OR
cpe:2.3:o:hp:d3q20a_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q20a:-:*:*:*:*:*:*:*
Configuration 49
AND
OR
cpe:2.3:o:hp:d3q20b_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q20b:-:*:*:*:*:*:*:*
Configuration 50
AND
OR
cpe:2.3:o:hp:d3q20c_firmware:001.1829a:*:*:*:*:*:*:*
OR
cpe:2.3:h:hp:d3q20c:-:*:*:*:*:*:*:*
Configuration 51
AND
OR
cpe:2.3:o:hp:d3q20d_firmware:001.1829a:*:*:*:*:*:*:*
Configuration 52
Configuration 53
Configuration 54
Configuration 55
Configuration 56
Configuration 57
Configuration 58
Configuration 59
Configuration 60
Configuration 61
Configuration 62
Configuration 63
Configuration 64
Configuration 65
Configuration 66
Configuration 67
Configuration 68
Configuration 69
Configuration 70
Configuration 71
Configuration 72
Configuration 73
Configuration 74
Configuration 75
Configuration 76
Configuration 77
Configuration 78
Configuration 79
Configuration 80
Configuration 81
Configuration 82
Configuration 83
Configuration 84
Configuration 85
Configuration 86
Configuration 87
Configuration 88
Configuration 89
Configuration 90
Configuration 91
Configuration 92
Configuration 93
Configuration 94
Configuration 95
Configuration 96
Configuration 97
Configuration 98
Configuration 99
Configuration 100
Configuration 101
Configuration 102
Configuration 103
Configuration 104
Configuration 105
Configuration 106
Configuration 107
Configuration 108
Configuration 109
Configuration 110
Configuration 111
Configuration 112
Configuration 113
Configuration 114
Configuration 115
Configuration 116
Configuration 117
Configuration 118
Configuration 119
Configuration 120
Configuration 121
Configuration 122
Configuration 123
Configuration 124
Configuration 125
Configuration 126
Configuration 127
Configuration 128
Configuration 129
Configuration 130
Configuration 131
Configuration 132
Configuration 133
Configuration 134
Configuration 135
Configuration 136
Configuration 137
Configuration 138
Configuration 139
Configuration 140
Configuration 141
Configuration 142
Configuration 143
Configuration 144
Configuration 145
Configuration 146
Configuration 147
Configuration 148
Configuration 149
Configuration 150
Configuration 151
Configuration 152
Configuration 153
Configuration 154
Configuration 155
Configuration 156
Configuration 157
Configuration 158
Configuration 159
Configuration 160
Configuration 161
Configuration 162
Configuration 163
Configuration 164
Configuration 165
Configuration 166
Configuration 167
Configuration 168
Configuration 169
Configuration 170
Configuration 171
Configuration 172
Configuration 173
Configuration 174
Configuration 175
Configuration 176
Configuration 177
Configuration 178
Configuration 179
Configuration 180
Configuration 181
Configuration 182
Configuration 183
Configuration 184
Configuration 185
Configuration 186
Configuration 187
Configuration 188
Configuration 189
Configuration 190
Configuration 191
Configuration 192
Configuration 193
Configuration 194
Configuration 195
Configuration 196
Configuration 197
Configuration 198
Configuration 199
Configuration 200
Configuration 201
Configuration 202
Configuration 203
Configuration 204
Configuration 205
Configuration 206
Configuration 207
Configuration 208
Configuration 209
Configuration 210
Configuration 211
Configuration 212
Configuration 213
Configuration 214
Configuration 215
Configuration 216
Configuration 217
Configuration 218
Configuration 219
Configuration 220
Configuration 221
Configuration 222
Configuration 223
Configuration 224
Configuration 225
Configuration 226
Configuration 227
Configuration 228
Configuration 229
Configuration 230
Configuration 231
Configuration 232
Configuration 233
Configuration 234
Configuration 235
Configuration 236
Configuration 237
Configuration 238
Configuration 239
Configuration 240
Configuration 241
Configuration 242
Configuration 243
Configuration 244
Configuration 245
Configuration 246
Configuration 247
Configuration 248
Configuration 249
Configuration 250
Configuration 251
Configuration 252
Configuration 253
Configuration 254
Configuration 255
Configuration 256
Configuration 257
Configuration 258
Configuration 259
Configuration 260
Configuration 261
Configuration 262
Configuration 263
Configuration 264
Configuration 265
Configuration 266
Configuration 267
Configuration 268
Configuration 269
Configuration 270
Showing 100 of 540 CPEs, view all CPEs here.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2018-5924
NVD Published Date:
08/13/2018
NVD Last Modified:
10/23/2018