medium
5
Advisory Published
Updated

CVE-2012-5221

First published: Mon Apr 29 2013(Updated: )

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

Credit: hp-security-alert@hp.com

Affected SoftwareAffected VersionHow to fix
HP Color LaserJet 3000=q7534a
HP Color LaserJet 3800=q5981a
HP Color LaserJet 4700=q7492a
HP Color LaserJet 4730 MFP=cb480a
HP Color LaserJet 5550=q3714a
HP Color LaserJet 9500=c8549a
HP Color LaserJet cm6030=ce664a
HP Color LaserJet CM6040=q3939a
HP Color LaserJet CP3505=cb442a
Hp Color Laserjet Cp3525 Printer=cc469a
HP Color LaserJet CP4005n=cb503a
HP Color LaserJet cp6015=q3932a
HP Color LaserJet Enterprise CP4025=cc490a
HP Color LaserJet Enterprise CP4525=cc493a
HP Digital Sender=cb472a
HP LaserJet 4240n=q7785a
HP LaserJet 4250n=q5400a
HP LaserJet m4345x MFP=q3942a
HP LaserJet 4350n=q5407a
HP LaserJet 5200l=q7543a
HP LaserJet 5200n=q7543a
HP LaserJet 9040 MFP=q7697a
HP LaserJet M9040=q3721a
HP LaserJet 9050 MFP=q7697a
HP LaserJet 9050n=q3721a
HP LaserJet P3015=ce526a
HP LaserJet M3027 MFP=cb416a
HP LaserJet m3035 MFP=cb414a
HP LaserJet m3035 MFP=cc519a
HP LaserJet m4345x MFP=cb425a
HP LaserJet m5025 MFP=q7840a
HP LaserJet m5035 MFP=q7829a
HP LaserJet 9040=cc394a
HP LaserJet M9050 Multifunction Printer=cc395a
HP LaserJet P3005n=q7812a
HP LaserJet P4014=cb507a
HP LaserJet p4014=cb509a
HP LaserJet P4515=cb514a

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2012-5221?

    CVE-2012-5221 has a medium severity rating as it allows unauthorized local file access through directory traversal.

  • How do I fix CVE-2012-5221?

    To mitigate CVE-2012-5221, update the affected HP printer firmware to the latest version provided by HP.

  • Which HP printer models are affected by CVE-2012-5221?

    CVE-2012-5221 affects several HP LaserJet and Color LaserJet models, including the LaserJet 4xxx, 5200, CP4005, and more.

  • What kind of attack is possible with CVE-2012-5221?

    An attacker could exploit CVE-2012-5221 to execute commands or access sensitive files on the printer or connected systems via crafted PostScript files.

  • Is there a workaround available for CVE-2012-5221?

    A potential workaround for CVE-2012-5221 involves restricting printer access to trusted users through network configurations.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203