CVE-2019-10627 : Integer overflow to buffer overflow vulnerability in PostScript image handling c

Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2

Published 2019-11-21 15:15:14

Updated 2022-04-12 18:41:03

Source Qualcomm, Inc.

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2019-10627

HP » J6u57b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j6u57b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J6u57b » Version: N/A
HP » J9v82a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j9v82a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J9v82a » Version: N/A
HP » J9v82d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j9v82d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J9v82d » Version: N/A
HP » J6u55a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j6u55a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J6u55a » Version: N/A
HP » J6u55d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j6u55d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J6u55d » Version: N/A
HP » J9v80a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j9v80a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J9v80a » Version: N/A
HP » J9v80b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j9v80b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J9v80b » Version: N/A
HP » D3q15a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q15a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q15a » Version: N/A
HP » D3q15b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q15b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q15b » Version: N/A
HP » D3q15d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q15d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q15d » Version: N/A
HP » D3q17a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q17a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q17a » Version: N/A
HP » D3q17d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q17d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q17d » Version: N/A
HP » D3q19a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q19a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q19a » Version: N/A
HP » D3q19d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q19d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q19d » Version: N/A
HP » D3q20a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q20a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q20a » Version: N/A
HP » D3q20b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q20b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q20b » Version: N/A
HP » D3q20c Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q20c_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q20c » Version: N/A
HP » D3q20d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q20d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q20d » Version: N/A
HP » D3q21a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q21a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q21a » Version: N/A
HP » D3q21c Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q21c_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q21c » Version: N/A
HP » D3q21d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q21d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q21d » Version: N/A
HP » K9z76a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:k9z76a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » K9z76a » Version: N/A
HP » K9z76d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:k9z76d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » K9z76d » Version: N/A
HP » D3q16a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q16a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q16a » Version: N/A
HP » D3q16d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q16d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q16d » Version: N/A
HP » D9l63a Firmware
Versions before (<) 001.1937c
cpe:2.3:o:hp:d9l63a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D9l63a » Version: N/A
HP » D9l64a Firmware
Versions before (<) 001.1937c
cpe:2.3:o:hp:d9l64a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D9l64a » Version: N/A
HP » T0g70a Firmware
Versions before (<) 001.1937c
cpe:2.3:o:hp:t0g70a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » T0g70a » Version: N/A
HP » J3p68a Firmware
Versions before (<) 001.1937c
cpe:2.3:o:hp:j3p68a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J3p68a » Version: N/A
HP » J3p65a Firmware
Versions before (<) 001.1937c
cpe:2.3:o:hp:j3p65a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J3p65a » Version: N/A
HP » J6u57a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j6u57a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J6u57a » Version: N/A
HP » J6u51b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j6u51b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J6u51b » Version: N/A
HP » J9v78b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:j9v78b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » J9v78b » Version: N/A
HP » W2z52b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:w2z52b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » W2z52b » Version: N/A
HP » D3q19b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q19b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q19b » Version: N/A
HP » W2z53b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:w2z53b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » W2z53b » Version: N/A
HP » 2dr21d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:2dr21d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » 2dr21d » Version: N/A
HP » K9z74a Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:k9z74a_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » K9z74a » Version: N/A
HP » K9z74d Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:k9z74d_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » K9z74d » Version: N/A
HP » D3q21b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:d3q21b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » D3q21b » Version: N/A
HP » K9z76b Firmware
Versions before (<) 001.1937d
cpe:2.3:o:hp:k9z76b_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: HP » K9z76b » Version: N/A
Qualcomm » IPS
Versions before (<) 2019.2
cpe:2.3:a:qualcomm:ips:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-10627

EPSS FAQ

0.56%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 66 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-10627

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-10627

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)
CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

Assigned by: nvd@nist.gov (Primary)
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-10627

https://support.hp.com/us-en/document/c06458150

HPSBPI03630 rev. 2 - HP Inkjet Printers - Buffer Overflow and Local Disclosure of Information | HP® Customer Support
Vendor Advisory

CVEs referencing this url
https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin

October Security Bulletin 2019 | Qualcomm
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2019-10627

Products affected by CVE-2019-10627

Exploit prediction scoring system (EPSS) score for CVE-2019-10627

CVSS scores for CVE-2019-10627

CWE ids for CVE-2019-10627

References for CVE-2019-10627