PT-2006-7045 · Xerox · Xerox Workcentre+1

Publicado

2006-12-10

Atualizado

2008-09-10

CVE-2006-6436

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Xerox WorkCentre and WorkCentre Pro versions prior to 12.050.03.000 Xerox WorkCentre and WorkCentre Pro versions 13.x prior to 13.050.03.000 Xerox WorkCentre and WorkCentre Pro versions 14.x prior to 14.050.03.000

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages. This affects the Network controller.

Recommendations For versions prior to 12.050.03.000, update to version 12.050.03.000 or later. For versions 13.x prior to 13.050.03.000, update to version 13.050.03.000 or later. For versions 14.x prior to 14.050.03.000, update to version 14.050.03.000 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-6436

Produtos afetados

Xerox Workcentre

Xerox Workcentre Pro

PT-2006-7045 · Xerox · Xerox Workcentre+1

CVE-2006-6436

Identificadores relacionados

Produtos afetados

Referências · 3