CVE-2009-2684: XSS
First published: Tue Oct 13 2009(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Laserjet 5200n | ||
| Hp Laserjet 9050n | ||
| Hp Cm8060 Mfp | ||
| Hp Color Laserjet Cp3505 | ||
| Hp Laserjet M9050 Mpf | ||
| Hp Color Laserjet Cp4005n | ||
| Hp Laserjet M5025 Mfp | ||
| Hp Color Laserjet Cm4730 Mfp | ||
| Hp Laserjet P4014 | ||
| Hp Color Laserjet 6040 Mfp | ||
| Hp Laserjet 4250n | ||
| Hp Laserjet M4345x Mfp | ||
| Hp Laserjet 9040n | ||
| Hp Color Laserjet 3000n | ||
| Hp Color Laserjet 4700n | ||
| Hp Laserjet 2430n | ||
| Hp Laserjet P3005n | ||
| Hp Laserjet M3035 Mfp | ||
| Hp Color Laserjet 3600n | ||
| Hp Laserjet 2410 | ||
| Hp Color Laserjet 4730 Mfp | ||
| Hp Laserjet P4515 | ||
| Hp Laserjet 2420 | ||
| Hp Laserjet 9050 Mfp | ||
| Hp Color Laserjet 3800n | ||
| Hp Laserjet M3027 Mfp | ||
| Hp Cm8050 Mfp | ||
| Hp Laserjet M9040 Mpf | ||
| Hp Ds 9250c | ||
| Hp Laserjet 4240 | ||
| Hp Color Laserjet Cp6015 | ||
| Hp Ds 9200c | ||
| Hp Laserjet 4350n | ||
| Hp Laserjet 9040 Mfp | ||
| Hp Laserjet 4345 Mfp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://dsecrg.com/pages/vul/show.php?id=148
- http://secunia.com/advisories/36969
- http://www.securityfocus.com/bid/36613
- http://www.vupen.com/english/advisories/2009/2850
- http://marc.info/?l=bugtraq&m=125493484205823&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53677
- http://www.securityfocus.com/archive/1/507038/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/hp
- canonical/hp laserjet 5200n
- canonical/hp laserjet 9050n
- canonical/hp cm8060 mfp
- canonical/hp color laserjet cp3505
- canonical/hp laserjet m9050 mpf
- canonical/hp color laserjet cp4005n
- canonical/hp laserjet m5025 mfp
- canonical/hp color laserjet cm4730 mfp
- canonical/hp laserjet p4014
- canonical/hp color laserjet 6040 mfp
- canonical/hp laserjet 4250n
- canonical/hp laserjet m4345x mfp
- canonical/hp laserjet 9040n
- canonical/hp color laserjet 3000n
- canonical/hp color laserjet 4700n
- canonical/hp laserjet 2430n
- canonical/hp laserjet p3005n
- canonical/hp laserjet m3035 mfp
- canonical/hp color laserjet 3600n
- canonical/hp laserjet 2410
- canonical/hp color laserjet 4730 mfp
- canonical/hp laserjet p4515
- canonical/hp laserjet 2420
- canonical/hp laserjet 9050 mfp
- canonical/hp color laserjet 3800n
- canonical/hp laserjet m3027 mfp
- canonical/hp cm8050 mfp
- canonical/hp laserjet m9040 mpf
- canonical/hp ds 9250c
- canonical/hp laserjet 4240
- canonical/hp color laserjet cp6015
- canonical/hp ds 9200c
- canonical/hp laserjet 4350n
- canonical/hp laserjet 9040 mfp
- canonical/hp laserjet 4345 mfp