Back to search
CVE-2007-0161
Published: Jan 10, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument, a related issue to CVE-2006-0023.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
2128
third-party-advisory
x_refsource_SREASON
pml-driver-config-privilege-escalation(31361)
vdb-entry
x_refsource_XF
23663
third-party-advisory
x_refsource_SECUNIA
ADV-2007-0094
vdb-entry
x_refsource_VUPEN
32654
vdb-entry
x_refsource_OSVDB
http://secway.org/advisory/AD20070108.txt
x_refsource_MISC
21935
vdb-entry
x_refsource_BID
20070108 HP Multiple Products PML Driver Local Privilege Escalation
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now