Sign-up

ID

VAR-201901-1692


TITLE

Lenovo LJ1680 Home Edition (Win7 64bit) has a memory corruption vulnerability

Trust: 0.6

sources: CNVD: CNVD-2018-26068

DESCRIPTION

LJ1680 Home Edition is a black and white laser printer with a black and white print speed of 16ppm and a maximum resolution of 1200x1200dpi. Lenovo LJ1680 Home Edition (Win7 64bit) has a memory corruption vulnerability. The vulnerability is due to the SSPORT.sys driver failing to properly check input parameters when processing IO request 0x9C402408. An attacker could exploit the vulnerability to cause memory write corruption and cause the operating system to crash.

Trust: 0.6

sources: CNVD: CNVD-2018-26068

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-26068

AFFECTED PRODUCTS

vendor:lenovomodel:group lj1680 home editionscope:eqversion:v2.0

Trust: 0.6

sources: CNVD: CNVD-2018-26068

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2018-26068
value: LOW

Trust: 0.6

CNVD: CNVD-2018-26068
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2018-26068

PATCH

title:Memory corruption vulnerability in driver SSPORT.sys for Lenovo printer LJ1680 Home Edition (Win7 64bit)url:https://www.cnvd.org.cn/patchinfo/show/144845

Trust: 0.6

sources: CNVD: CNVD-2018-26068

EXTERNAL IDS

db:CNVDid:CNVD-2018-26068

Trust: 0.6

sources: CNVD: CNVD-2018-26068

SOURCES

db:CNVDid:CNVD-2018-26068

LAST UPDATE DATE

2022-05-04T09:43:06.290000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-26068date:2019-01-10T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-26068date:2019-01-03T00:00:00