[Japanese]

JVNDB-2019-000058

Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs)

Overview

Multiple printers and Multifunction Printers (MFPs) provided by RICOH COMPANY, LTD. contain multiple buffer overflows vulnerabilities listed below.
* Buffer overflow in parsing HTTP cookie header (CWE-119) - CVE-2019-14300
* Buffer overflow in parsing HTTP parameter setting for Wifi, mDNS, POP3, SMTP and alert (CWE-119) - CVE-2019-14305
* Buffer overflow in parsing HTTP parameter setting for SNMP (CWE-119) - CVE-2019-14307
* Buffer overflow in parsing LPD packet (CWE-119) - CVE-2019-14308

RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-14300


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-14305


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-14307


CVSS V3 Severity:
Base Metrics: 9.8 (Critical) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics: 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2019-14308
Affected Products


Ricoh Co., Ltd
  • SP C250DN firmware versions prior to ver.1.13
  • SP C250SF firmware versions prior to ver.1.13
  • SP C252DN firmware versions prior to ver.1.07
  • SP C252SF firmware versions prior to ver.1.07

Impact

A remote attacker may be able to cause a denial-of-service (DoS) condition or may execute arbitrary code.
Solution

[Update the Firmware]
Apply the appropriate firmware update according to the information provided by the developer.
Vendor Information

Ricoh Co., Ltd
CWE (What is CWE?)

  1. Buffer Errors(CWE-119) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2019-14300
  2. CVE-2019-14305
  3. CVE-2019-14307
  4. CVE-2019-14308
References

  1. JVN : JVN#11708203
  2. National Vulnerability Database (NVD) : CVE-2019-14300
  3. National Vulnerability Database (NVD) : CVE-2019-14305
  4. National Vulnerability Database (NVD) : CVE-2019-14307
  5. National Vulnerability Database (NVD) : CVE-2019-14308
Revision History

  • [2019/09/13]
      Web page was published