{"id":850,"date":"2024-02-29T15:58:10","date_gmt":"2024-02-29T13:58:10","guid":{"rendered":"https:\/\/techlance.ddns.net\/?p=850"},"modified":"2024-02-29T15:58:21","modified_gmt":"2024-02-29T13:58:21","slug":"useita-haavoittuvuuksia-lexmark-laitteissa","status":"publish","type":"post","link":"https:\/\/techlance.ddns.net\/en\/useita-haavoittuvuuksia-lexmark-laitteissa\/","title":{"rendered":"Useita haavoittuvuuksia Lexmark-laitteissa"},"content":{"rendered":"

Luokitus: Vakava, Ratkaisu: Virallinen korjaus, Hyv\u00e4ksik\u00e4yt\u00f6n kypsyys: Todistamaton, CVSSv3.1: 9.1 CVEt: CVE-2023-50734, CVE-2023-50735, CVE-2023-50736, CVE-2023-50737<\/p>\n\n\n\n

CVE-2023-50734: Puskurin ylivuotohaavoittuvuus on tunnistettu PostScript-tulkissa eri Lexmark-laitteissa. Hy\u00f6kk\u00e4\u00e4j\u00e4 voi k\u00e4ytt\u00e4\u00e4 haavoittuvuutta hyv\u00e4kseen suorittaakseen mielivaltaista koodia. CVSS: 9.0<\/p>\n\n\n\n

CVE-2023-50735: Kekoalueen turmeltumishaavoittuvuus on tunnistettu PostScript-tulkissa eri Lexmark-laitteissa. Hy\u00f6kk\u00e4\u00e4j\u00e4 voi k\u00e4ytt\u00e4\u00e4 haavoittuvuutta hyv\u00e4kseen suorittaakseen mielivaltaista koodia. CVSS: 9.0<\/p>\n\n\n\n

CVE-2023-50736: Muistin korruptiohaavoittuvuus on tunnistettu PostScript-tulkissa eri Lexmark-laitteissa. Hy\u00f6kk\u00e4\u00e4j\u00e4 voi k\u00e4ytt\u00e4\u00e4 haavoittuvuutta hyv\u00e4kseen suorittaakseen mielivaltaista koodia. CVSS: 9.0<\/p>\n\n\n\n

CVE-2023-50737: SE-valikko sis\u00e4lt\u00e4\u00e4 tietoja, joita Lexmark k\u00e4ytt\u00e4\u00e4 laitteiden virheiden diagnosointiin. Yhden SE-valikon rutiinin haavoittuvuutta voi hy\u00f6kk\u00e4\u00e4j\u00e4 k\u00e4ytt\u00e4\u00e4 hyv\u00e4kseen suorittaakseen mielivaltaista koodia. CVSS: 9.1<\/p>\n\n\n\n

Classification: Severe, Solution: Official Fix, Exploit Maturity: Unproven, CVSSv3.1: 9.1 CVEs: CVE-2023-50734, CVE-2023-50735, CVE-2023-50736, CVE-2023-50737 CVE-2023-50734: A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. CVSS: 9.0 CVE-2023-50735: A heap corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. CVSS: 9.0 CVE-2023-50736: A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. CVSS: 9.0 CVE-2023-50737: The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in one of the SE menu routines can be leveraged by an attacker to execute arbitrary code. CVSS: 9.1<\/p>\n\n\n\n

https:\/\/www.lexmark.com\/en_us\/solutions\/security\/lexmark-security-advisories.html<\/a><\/p>","protected":false},"excerpt":{"rendered":"

Luokitus: Vakava, Ratkaisu: Virallinen korjaus, Hyv\u00e4ksik\u00e4yt\u00f6n kypsyys: Todistamaton, CVSSv3.1: 9.1 CVEt: CVE-2023-50734, CVE-2023-50735, CVE-2023-50736, CVE-2023-50737 CVE-2023-50734: Puskurin ylivuotohaavoittuvuus on tunnistettu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9],"tags":[15],"class_list":["post-850","post","type-post","status-publish","format-standard","hentry","category-security","tag-tietoturva"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t