CVE-2012-5221

Home/CVE/Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M43

CVE

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M43

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx.

LaserJet Enterprise P3015.

Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015.

Color LaserJet Enterprise CP4xxx.

and 9250c Digital Sender with model-dependent firmware through 52.x allows remote attackers to read arbitrary files via unknown vectors.

MEDIUM · CVSS 5 EPSS 0.02058

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

▤

Affected Products & Versions

hp color laserjet 3000all versions
hp color laserjet 3800all versions
hp color laserjet 4700all versions
hp color laserjet 4730 mfpall versions
hp color laserjet 5550all versions
hp color laserjet 9500 mfpall versions
hp color laserjet cm6030 mfpall versions
hp color laserjet cm6040 mfpall versions
Show all 37 affected productshp color laserjet cp3505all versions
hp color laserjet cp3525all versions
hp color laserjet cp4005all versions
hp color laserjet cp6015all versions
hp color laserjet enterprise cp4025all versions
hp color laserjet enterprise cp4525all versions
hp digital sender 9250call versions
hp laserjet 4240all versions
hp laserjet 4250all versions
hp laserjet 4345 mfpall versions
hp laserjet 4350all versions
hp laserjet 5200lall versions
hp laserjet 5200nall versions
hp laserjet 9040all versions
hp laserjet 9040 mfpall versions
hp laserjet 9050all versions
hp laserjet 9050 mfpall versions
hp laserjet enterprise p3015all versions
hp laserjet m3027 mfpall versions
hp laserjet m3035 mfpall versions
hp laserjet m4345 mfpall versions
hp laserjet m5025 mfpall versions
hp laserjet m5035 mfpall versions
hp laserjet m9040 mpfall versions
hp laserjet m9050 mpfall versions
hp laserjet p3005all versions
hp laserjet p4014all versions
hp laserjet p4015all versions
hp laserjet p4515all versions

▣

Scoring & Timeline

MEDIUM · CVSS v2 (legacy) · hp-security-alert@hp.com

View on NVD

This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.

v2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Published to NVD29 Apr 2013 · 09:55 PM

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1023

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03744742Vendor Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin