CVE-2006-1654

Currently unrated

Key Information:

Vendor: HP
Status: Color Laserjet 2500l; Color Laserjet; Color Laserjet 2500lse; Color Laserjet 2500
Vendor: CVE Published:; 6 April 2006

Summary

Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.

References

http://www.securityfocus.com/archive/1/429984/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/24396

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/17367

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 6, 2006
Vulnerability Reserved
Apr 6, 2006