PT-2010-2306 · Xerox · Net Controller+1

Published

2010-02-04

Updated

2011-01-06

CVE-2010-0549

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Xerox WorkCentre 6400 System Software versions 060.070.109.11407 through 060.070.109.29510 Net Controller versions 060.079.11410 through 060.079.29310

Description The issue allows remote attackers to access the directory structure by using a crafted PostScript file.

Recommendations For Xerox WorkCentre 6400 System Software versions 060.070.109.11407 through 060.070.109.29510, update to a version outside of the affected range to resolve the issue. For Net Controller versions 060.079.11410 through 060.079.29310, update to a version outside of the affected range to resolve the issue. As a temporary workaround, consider restricting access to the PostScript file processing functionality until a patch is available.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2010-0549

Affected Products

Net Controller

Xerox Workcentre 6400 System

PT-2010-2306 · Xerox · Net Controller+1

CVE-2010-0549

Weakness Enumeration

Related Identifiers

Affected Products

References · 5