Published:2010/12/08  Last Updated:2010/12/08

Vulnerability in Epson printer driver installer where access permissions are changed


A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed.

Products Affected

  • Driver for LP-S9000 prior to Ver4.1.11 (32-bit and 64-bit)
  • Driver for LP-S7100 prior to Ver4.1.7 (32-bit and 64-bit)
According to the developer, printer drivers that were included with the product or downloaded from the developer website from the initial release of May 2010 through November 25, 2010 are affected by this vulnerability.
Also, users of Windows Vista and later operating systems are not affected.


When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files (C:\Program Files) are changed. As a result, users that do not have permission to access that folder can gain access to that folder.


A user that does not have permission to access the folder may create, modify or delete arbitrary files or folders.


Update the software and change the settings
Apply the update and change the settings, according to the information provided by the developer.


JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2010.12.08

Measures Conditions Severity
Access Required requires you to login into the box to a shell or remote desktop
  • Low-Mid
Authentication login caused to be created by an administrator
  • Low-Mid
User Interaction Required the vulnerability can be exploited without an honest user taking any action
  • High
Exploit Complexity some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Mid-High

Description of each analysis measures


Other Information

JPCERT Reports
CERT Advisory
CPNI Advisory
CVE CVE-2010-3920
JVN iPedia JVNDB-2010-000059