PT-2010-2306 · Xerox · Net Controller+1

Publicado

2010-02-04

Atualizado

2011-01-06

CVE-2010-0549

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Xerox WorkCentre 6400 System Software versions 060.070.109.11407 through 060.070.109.29510 Net Controller versions 060.079.11410 through 060.079.29310

Description The issue allows remote attackers to access the directory structure by using a crafted PostScript file.

Recommendations For Xerox WorkCentre 6400 System Software versions 060.070.109.11407 through 060.070.109.29510, update to a version outside of the affected range to resolve the issue. For Net Controller versions 060.079.11410 through 060.079.29310, update to a version outside of the affected range to resolve the issue. As a temporary workaround, consider restricting access to the PostScript file processing functionality until a patch is available.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2010-0549

Produtos afetados

Net Controller

Xerox Workcentre 6400 System

PT-2010-2306 · Xerox · Net Controller+1

CVE-2010-0549

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5