Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HP ChaiVM EZLoader任意JAR本地装载漏洞
Vulnerability Description
HP ChaiVM是HP开发的一个专门为嵌入式设备优化的虚拟机,其中包含ChaiServer组件。 HP发布的新的增强装载器不能对新服务的签名进行充分验证,本地攻击者可以利用这个漏洞通过ChaiServer装载任意有问题的未授权服务。 HP ChaiVM中默认装载(this.loader)能够正确的验证服务的签名信息,但HP新发行的增强装载器(EZloader, this.ez)不能为新的服务正确的验证其签名。这可导致本地攻击者在HP ChaiVM中加载任意服务。
CVSS Information
N/A
Vulnerability Type
N/A