Sign-up

ID

VAR-201908-0066


CVE

CVE-2019-9933


TITLE

plural Lexmark Buffer error vulnerability in product

Trust: 0.8

sources: JVNDB: JVNDB-2019-008725

DESCRIPTION

Various Lexmark products have a Buffer Overflow (issue 3 of 3). plural Lexmark The product contains a buffer error vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Lexmark CS31x and others are all printers from Lexmark. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. The following products and versions are affected: Lexmark CS31x with firmware LW71.VYL.P230 and earlier; CS41x with firmware LW71.VY2.P230 and earlier; CS51x with firmware LW71.VY4.P230 and earlier; GM2.P230 and previous versions of CX310, etc

Trust: 1.71

sources: NVD: CVE-2019-9933 // JVNDB: JVNDB-2019-008725 // VULHUB: VHN-161368

AFFECTED PRODUCTS

vendor:lexmarkmodel:mx71xscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:m5163scope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:x95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:ms317scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:mx511scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:xm71xxscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:ms610dnscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:mx611scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:c748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:x46xscope:lteversion:lr.bs.p815

Trust: 1.0

vendor:lexmarkmodel:mx6500escope:lteversion:lw71.jd.p230

Trust: 1.0

vendor:lexmarkmodel:ms310scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:ms818scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:m1140scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c950scope:lteversion:lhs60.tp.p705

Trust: 1.0

vendor:lexmarkmodel:c734scope:lteversion:lr.sk.p815

Trust: 1.0

vendor:lexmarkmodel:ms71xscope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:mx410scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:x792scope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:6500escope:lteversion:lhs60.jr.p705

Trust: 1.0

vendor:lexmarkmodel:mx31xscope:lteversion:lw71.sb2.p230

Trust: 1.0

vendor:lexmarkmodel:ms312scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c746scope:lteversion:lhs60.cm2.p705

Trust: 1.0

vendor:lexmarkmodel:xs95xscope:lteversion:lhs60.tq.p705

Trust: 1.0

vendor:lexmarkmodel:xm51xxscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:mx610scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:x73xscope:lteversion:lr.fl.p815

Trust: 1.0

vendor:lexmarkmodel:x74xscope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:xs548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:xm91xscope:lteversion:lw71.mg.p230

Trust: 1.0

vendor:lexmarkmodel:xm1135scope:lteversion:lw71.sb2.p230

Trust: 1.0

vendor:lexmarkmodel:ms812scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:e46xscope:lteversion:lr.lbh.p815

Trust: 1.0

vendor:lexmarkmodel:t65xscope:lteversion:lr.jp.p815

Trust: 1.0

vendor:lexmarkmodel:cx310scope:lteversion:lw71.gm2.p230

Trust: 1.0

vendor:lexmarkmodel:mx81xscope:lteversion:lw71.tu.p230

Trust: 1.0

vendor:lexmarkmodel:ms812descope:lteversion:lw71.dn7.p230

Trust: 1.0

vendor:lexmarkmodel:ms410scope:lteversion:lw71.prl.p230

Trust: 1.0

vendor:lexmarkmodel:c925scope:lteversion:lhs60.hv.p705

Trust: 1.0

vendor:lexmarkmodel:cs748scope:lteversion:lhs60.cm4.p705

Trust: 1.0

vendor:lexmarkmodel:xs925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:c736scope:lteversion:lr.ske.p815

Trust: 1.0

vendor:lexmarkmodel:ms415scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:ms51xscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:m5163dnscope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:x86xscope:lteversion:lp.sp.p815

Trust: 1.0

vendor:lexmarkmodel:cs41xscope:lteversion:lw71.vy2.p230

Trust: 1.0

vendor:lexmarkmodel:ms315scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:mx91xscope:lteversion:lw71.mg.p230

Trust: 1.0

vendor:lexmarkmodel:xm3150scope:lteversion:lw71.sb7.p230

Trust: 1.0

vendor:lexmarkmodel:ms417scope:lteversion:lw71.tl2.p230

Trust: 1.0

vendor:lexmarkmodel:mx510scope:lteversion:lw71.sb4.p230

Trust: 1.0

vendor:lexmarkmodel:c792scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:x65xscope:lteversion:lr.mn.p815

Trust: 1.0

vendor:lexmarkmodel:ms810scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:m3150dnscope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:ms811scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:ms617scope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:m5155scope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:w850scope:lteversion:lp.jb.p815

Trust: 1.0

vendor:lexmarkmodel:ms91xscope:lteversion:lw71.sa.p230

Trust: 1.0

vendor:lexmarkmodel:cs31xscope:lteversion:lw71.vyl.p230

Trust: 1.0

vendor:lexmarkmodel:x548scope:lteversion:lhs60.vk.p705

Trust: 1.0

vendor:lexmarkmodel:ms810descope:lteversion:lw71.dn4.p230

Trust: 1.0

vendor:lexmarkmodel:xs748scope:lteversion:lhs60.ny.p705

Trust: 1.0

vendor:lexmarkmodel:m1145scope:lteversion:lw71.pr2.p230

Trust: 1.0

vendor:lexmarkmodel:ms817scope:lteversion:lw71.dn2.p230

Trust: 1.0

vendor:lexmarkmodel:xs79xscope:lteversion:lhs60.mr.p705

Trust: 1.0

vendor:lexmarkmodel:x925scope:lteversion:lhs60.hk.p705

Trust: 1.0

vendor:lexmarkmodel:cs796scope:lteversion:lhs60.hc.p705

Trust: 1.0

vendor:lexmarkmodel:m5170scope:lteversion:lw71.dn7.p230

Trust: 1.0

vendor:lexmarkmodel:cs31xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cs41xscope: - version: -

Trust: 0.8

vendor:lexmarkmodel:cx310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms1140scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms310scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms312scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms315scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms317scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms410scope: - version: -

Trust: 0.8

vendor:lexmarkmodel:ms415scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-008725 // NVD: CVE-2019-9933

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-9933
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-9933
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201908-2168
value: CRITICAL

Trust: 0.6

VULHUB: VHN-161368
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-9933
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-161368
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-9933
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-161368 // JVNDB: JVNDB-2019-008725 // CNNVD: CNNVD-201908-2168 // NVD: CVE-2019-9933

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-161368 // JVNDB: JVNDB-2019-008725 // NVD: CVE-2019-9933

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-2168

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2168

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-008725

PATCH
title:TE920url:http://support.lexmark.com/index?page=content&id=TE920&locale=EN&userlocale=EN_US
Trust: 0.8
title:Multiple Lexmark Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97652
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-008725 // 
            
            
            
            CNNVD: CNNVD-201908-2168

EXTERNAL IDS
db:NVDid:CVE-2019-9933
Trust: 2.5
db:JVNDBid:JVNDB-2019-008725
Trust: 0.8
db:CNNVDid:CNNVD-201908-2168
Trust: 0.7
db:VULHUBid:VHN-161368
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161368 // 
            
            
            
            JVNDB: JVNDB-2019-008725 // 
            
            
            
            CNNVD: CNNVD-201908-2168 // 
            
            
            
            NVD: CVE-2019-9933

REFERENCES
url:http://support.lexmark.com/index?page=content&id=te920&locale=en&userlocale=en_us
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-9933
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9933
Trust: 0.8
url:http://support.lexmark.com/index?page=content&id=te920&locale=en&userlocale=en_us
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161368 // 
            
            
            
            JVNDB: JVNDB-2019-008725 // 
            
            
            
            CNNVD: CNNVD-201908-2168 // 
            
            
            
            NVD: CVE-2019-9933

SOURCES
db:VULHUBid:VHN-161368
db:JVNDBid:JVNDB-2019-008725
db:CNNVDid:CNNVD-201908-2168
db:NVDid:CVE-2019-9933

LAST UPDATE DATE
2024-11-23T22:58:37.426000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161368date:2019-09-03T00:00:00
db:JVNDBid:JVNDB-2019-008725date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2168date:2019-09-04T00:00:00
db:NVDid:CVE-2019-9933date:2024-11-21T04:52:37.230

SOURCES RELEASE DATE
db:VULHUBid:VHN-161368date:2019-08-28T00:00:00
db:JVNDBid:JVNDB-2019-008725date:2019-09-05T00:00:00
db:CNNVDid:CNNVD-201908-2168date:2019-08-28T00:00:00
db:NVDid:CVE-2019-9933date:2019-08-28T22:15:12.343