Stack-based Buffer Overflow in Lexmark Laser Printers and Multi-function Printers
CVE-2010-0619

Currently unrated

Key Information:

Vendor: Lexmark
Status: X94x
Vendor: CVE Published:; 24 March 2010

Summary

A stack-based buffer overflow vulnerability exists in several Lexmark laser printers and multi-function printers due to improper handling of the PJL INQUIRE command. This flaw allows remote attackers to exploit the vulnerability by sending a specially crafted long argument, which could lead to execution of arbitrary code or a denial of service condition, causing the device to hang. Affected components include the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE.

References

http://www.securityfocus.com/archive/1/510251/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://support.lexmark.com/index?page=content&id=TE84&loc...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/38901

vdb-entryx_refsource_BID

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 24, 2010
Vulnerability Reserved
Feb 11, 2010