Sign-up

ID

VAR-201908-0065


CVE

CVE-2019-9932


TITLE

plural Lexmark Product buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-008726

DESCRIPTION

Various Lexmark products have a Buffer Overflow (issue 2 of 3). plural Lexmark The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Lexmark CS31x with firmware LW71.VYL.P230 and earlier; CS41x with firmware LW71.VY2.P230 and earlier; CS51x with firmware LW71.VY4.P230 and earlier; GM2.P230 and previous versions of CX310, etc

Trust: 1.71

sources: NVD: CVE-2019-9932 // JVNDB: JVNDB-2019-008726 // VULHUB: VHN-161367

AFFECTED PRODUCTS

vendor:lexmarkmodel:mx71xscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:m5163scope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:x95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:ms317scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:mx511scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:xm71xxscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:ms610dnscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:mx611scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:c748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:x46xscope:lteversion:lr.bs.p815

Trust: 1.0

vendor:lexmarkmodel:mx6500escope:lteversion:lw71.jd.p230

Trust: 1.0

vendor:lexmarkmodel:ms310scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:ms818scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:m1140scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c950scope:lteversion:lhs60.tp.p705

Trust: 1.0

vendor:lexmarkmodel:c734scope:lteversion:lr.sk.p815

Trust: 1.0

vendor:lexmarkmodel:ms71xscope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:mx410scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:x792scope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:6500escope:lteversion:lhs60.jr.p705

Trust: 1.0

vendor:lexmarkmodel:mx31xscope:lteversion:lw71.sb2.p230

Trust: 1.0

vendor:lexmarkmodel:ms312scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c746scope:lteversion:lhs60.cm2.p705

Trust: 1.0

vendor:lexmarkmodel:xs95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:xm51xxscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:mx610scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:x73xscope:lteversion:lr.fl.p815

Trust: 1.0

vendor:lexmarkmodel:x74xscope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:xs548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:xm91xscope:lteversion:lw71.mg.p230

Trust: 1.0

vendor:lexmarkmodel:xm1135scope:lteversion:lw71.sb2.p230

Trust: 1.0

vendor:lexmarkmodel:ms812scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:e46xscope:lteversion:lr.lbh.p815

Trust: 1.0

vendor:lexmarkmodel:t65xscope:lteversion:lr.jp.p815

Trust: 1.0

vendor:lexmarkmodel:cx310scope:lteversion:lw71.gm2.p230

Trust: 1.0

vendor:lexmarkmodel:mx81xscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:ms812descope:lteversion:lw71.dn7.p230

Trust: 1.0

vendor:lexmarkmodel:ms410scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c925scope:lteversion:lhs60.hv.p705

Trust: 1.0

vendor:lexmarkmodel:cs748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:xs925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:c736scope:lteversion:lr.ske.p815

Trust: 1.0

vendor:lexmarkmodel:ms415scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:ms51xscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:m5163dnscope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:x86xscope:lteversion:lp.sp.p815

Trust: 1.0

vendor:lexmarkmodel:cs41xscope:lteversion:lw71.vy2.p230

Trust: 1.0

vendor:lexmarkmodel:ms315scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:mx91xscope:lteversion:lw71.mg.p230

Trust: 1.0

vendor:lexmarkmodel:xm3150scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:ms417scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:mx510scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:c792scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:x65xscope:lteversion:lr.mn.p815

Trust: 1.0

vendor:lexmarkmodel:ms810scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:m3150dnscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:ms811scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:ms617scope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:m5155scope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:w850scope:lteversion:lp.jb.p815

Trust: 1.0

vendor:lexmarkmodel:ms91xscope:lteversion:lw71.sa.p230

Trust: 1.0

vendor:lexmarkmodel:cs31xscope:lteversion:lw71.vyl.p230

Trust: 1.0

vendor:lexmarkmodel:x548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:ms810descope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:xs748scope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:m1145scope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:ms817scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:xs79xscope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:x925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:cs796scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:m5170scope:lteversion:lw71.dn7.p230

Trust: 1.0

vendor:lexmarkmodel:cs31xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cs41xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cx310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms1140scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms312scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms315scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms317scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms410scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms415scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008726 // NVD: CVE-2019-9932

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-9932
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-9932
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201908-2167
value: CRITICAL

Trust: 0.6

VULHUB: VHN-161367
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-9932
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-161367
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-9932
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-161367 // JVNDB: JVNDB-2019-008726 // CNNVD: CNNVD-201908-2167 // NVD: CVE-2019-9932

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-161367 // JVNDB: JVNDB-2019-008726 // NVD: CVE-2019-9932

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2167

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2167

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008726

PATCH
title:TE920url:http://support.lexmark.com/index?page=content&id=TE920&locale=EN&userlocale=EN_US
Trust: 0.8
title:Multiple Lexmark Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97651
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-008726 // 
            
            
            
            CNNVD: CNNVD-201908-2167

EXTERNAL IDS
db:NVDid:CVE-2019-9932
Trust: 2.5
db:JVNDBid:JVNDB-2019-008726
Trust: 0.8
db:CNNVDid:CNNVD-201908-2167
Trust: 0.7
db:VULHUBid:VHN-161367
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161367 // 
            
            
            
            JVNDB: JVNDB-2019-008726 // 
            
            
            
            CNNVD: CNNVD-201908-2167 // 
            
            
            
            NVD: CVE-2019-9932

REFERENCES
url:http://support.lexmark.com/index?page=content&id=te920&locale=en&userlocale=en_us
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-9932
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9932
Trust: 0.8
url:http://support.lexmark.com/index?page=content&id=te920&locale=en&userlocale=en_us
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161367 // 
            
            
            
            JVNDB: JVNDB-2019-008726 // 
            
            
            
            CNNVD: CNNVD-201908-2167 // 
            
            
            
            NVD: CVE-2019-9932

SOURCES
db:VULHUBid:VHN-161367
db:JVNDBid:JVNDB-2019-008726
db:CNNVDid:CNNVD-201908-2167
db:NVDid:CVE-2019-9932

LAST UPDATE DATE
2024-11-23T23:08:18.107000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161367date:2019-09-03T00:00:00
db:JVNDBid:JVNDB-2019-008726date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2167date:2019-09-04T00:00:00
db:NVDid:CVE-2019-9932date:2024-11-21T04:52:37.033

SOURCES RELEASE DATE
db:VULHUBid:VHN-161367date:2019-08-28T00:00:00
db:JVNDBid:JVNDB-2019-008726date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2167date:2019-08-28T00:00:00
db:NVDid:CVE-2019-9932date:2019-08-28T22:15:12.267