PT-2009-2580 · Kyoceramita · Scanner File Utility

Published

2009-08-28

Updated

2018-10-11

CVE-2008-7111

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2008-7111

Affected Products

Scanner File Utility

PT-2009-2580 · Kyoceramita · Scanner File Utility

CVE-2008-7111

Weakness Enumeration

Related Identifiers

Affected Products

References · 5