CVE-2010-3920 Information

Description

The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7 or as downloaded from the vendor between May 2010 and 20101125 set weak permissions for the \C:\Program Files\ folder which might allow local users to bypass intended access restrictions and create or modify arbitrary files and directories.

Reference

http://jvn.jp/en/jp/JVN62736872/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000059.html http://osvdb.org/69678 http://secunia.com/advisories/42540 http://www.epson.jp/support/misc/lps7100_9000/index.htm