First published: Sun Dec 10 2006(Updated: )
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Xerox WorkCentre | =12.060.17.000 | |
Xerox WorkCentre | =13.060.17.000 | |
Xerox WorkCentre | =14.060.17.000 | |
Xerox WorkCentre | =12.060.17.000 | |
Xerox WorkCentre | =13.060.17.000 | |
Xerox WorkCentre | =14.060.17.000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.