Vulnerability in Hp Chaivm_ezloader

CVE-2002-1796

ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.

EPSS: 0.003 (23.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_MISC, Broken Link, Vendor Advisory)
  • cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, Broken Link, x_refsource_BID)
  • cve@mitre.org (Broken Link, Vendor Advisory, x_refsource_HP, vendor-advisory, Patch, VDB Entry, Third Party Advisory)
  • cve@mitre.org (vdb-entry, Broken Link, x_refsource_XF)
  • cve@mitre.org (mailing-list, x_refsource_BUGTRAQ, VDB Entry, Third Party Advisory, Broken Link)

Frequently asked questions

What is CVE-2002-1796?
CVE-2002-1796 is a high-severity vulnerability in Hp Chaivm_ezloader, classified under Improper Verification of Cryptographic Signature. CVSS score: 7.8/10. Published 2002-12-31.
How severe is CVE-2002-1796?
High severity. CVSS v3 base score is 7.8 out of 10.