Check CVE Id
Check CWE Id
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot) in a file path in a ZIP archive.
See advisories in our WLB2 database:
Lexmark MarkVision Enterprise Arbitrary File Upload
(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
CVSS Base Score
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to (1) cgi-bin/direct/printer/prtappauth/...
An exploitable use-after-free exists in the PDF parsing functionality of Lexmark Perspective Document Filters 126.96.36.1990 and 188.8.131.522. A crafted PDF document can lead to a use-after-free resulting in direct code execution.
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 184.108.40.2060. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user cont...
An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versi...
An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can cause a code execution. An attacker can send a malforme...
An exploitable buffer overflow exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a stack based buffer overflow resulting in remote code execution.
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the rig...
Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive in...
Back to Top