CVE-2009-1656: Command Injection
First published: Sat May 16 2009(Updated: )
Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xerox WorkCentre | =265 | |
| Xerox WorkCentre | =245 | |
| Xerox WorkCentre | =245 | |
| Xerox WorkCentre | =255 | |
| Xerox WorkCentre | =5665 | |
| Xerox WorkCentre | =7665 | |
| Xerox WorkCentre | =232 | |
| Xerox WorkCentre | =5645 | |
| Xerox WorkCentre | =238 | |
| Xerox WorkCentre | =238 | |
| Xerox WorkCentre | =5675 | |
| Xerox WorkCentre | =255 | |
| Xerox WorkCentre | =275 | |
| Xerox WorkCentre | =7655 | |
| Xerox WorkCentre | =232 | |
| Xerox WorkCentre | =275-pro | |
| Xerox WorkCentre | =5655 | |
| Xerox WorkCentre | =5638 | |
| Xerox WorkCentre | =5687 | |
| Xerox WorkCentre | =265 | |
| Xerox WorkCentre | =7675 | |
| Xerox WorkCentre | =5632 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/54457
- http://secunia.com/advisories/35101
- http://www.securityfocus.com/bid/34984
- http://www.securitytracker.com/id?1022238
- http://www.vupen.com/english/advisories/2009/1328
- http://www.xerox.com/downloads/usa/en/c/cert_XRX09-02_v1.0.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50558
Frequently Asked Questions
What is the severity of CVE-2009-1656?
The severity of CVE-2009-1656 is rated as high due to its capability to allow remote code execution.
How do I fix CVE-2009-1656?
Fixing CVE-2009-1656 involves applying the firmware updates provided by Xerox for the affected WorkCentre models.
What types of devices are affected by CVE-2009-1656?
CVE-2009-1656 affects various models of Xerox WorkCentre, including models 232, 238, 245, 255, 265, 275, and several others.
Can CVE-2009-1656 be exploited remotely?
Yes, CVE-2009-1656 can be exploited remotely by attackers seeking to execute arbitrary commands on the affected devices.
What action should I take if my Xerox device is vulnerable to CVE-2009-1656?
If your Xerox device is vulnerable to CVE-2009-1656, you should immediately upgrade to the latest firmware and implement security best practices.
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/author
- vendor/xerox
- canonical/xerox workcentre
- version/xerox workcentre/232
- version/xerox workcentre/238
- version/xerox workcentre/245
- version/xerox workcentre/255
- version/xerox workcentre/265
- version/xerox workcentre/275
- version/xerox workcentre/275-pro
- version/xerox workcentre/5632
- version/xerox workcentre/5638
- version/xerox workcentre/5645
- version/xerox workcentre/5655
- version/xerox workcentre/5665
- version/xerox workcentre/5675
- version/xerox workcentre/5687
- version/xerox workcentre/7655
- version/xerox workcentre/7665
- version/xerox workcentre/7675