Lucene search

MitreCVE-2006-1137

HistoryMar 10, 2006 - 2:02 a.m.

CVE-2006-1137

2006-03-1002:02:00

mitre

web.nvd.nist.gov

xerox

copycentre

workcentre pro

vulnerability

remote attackers

denial of service

postscript

nvd

cve-2006-1137

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

High

EPSS

0.04

Percentile

92.1%

JSON

Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) “navigate through the directory” or (2) a “file sent to expose TCP/IP ports”.

Affected configurations

Nvd

Node

xeroxcopycentre_c65_firmwareRange≤1.001.02.073

xeroxcopycentre_c65_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxcopycentre_c65Match-

Node

xeroxcopycentre_c75_firmwareRange≤1.001.02.073

xeroxcopycentre_c75_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxcopycentre_c75Match-

Node

xeroxcopycentre_c90_firmwareRange≤1.001.02.073

xeroxcopycentre_c90_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxcopycentre_c90Match-

Node

xeroxworkcentre_pro_65_firmwareRange≤1.001.02.073

xeroxworkcentre_pro_65_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxworkcentre_pro_65Match-

Node

xeroxworkcentre_pro_75_firmwareRange≤1.001.02.073

xeroxworkcentre_pro_75_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxworkcentre_pro_75Match-

Node

xeroxworkcentre_pro_90_firmwareRange≤1.001.02.073

xeroxworkcentre_pro_90_firmwareRange1.001.02.074–1.001.02.715

AND

xeroxworkcentre_pro_90Match-

VendorProductVersionCPE
xeroxcopycentre_c65_firmware*cpe:2.3:o:xerox:copycentre_c65_firmware:*:*:*:*:*:*:*:*
xeroxcopycentre_c65-cpe:2.3:h:xerox:copycentre_c65:-:*:*:*:*:*:*:*
xeroxcopycentre_c75_firmware*cpe:2.3:o:xerox:copycentre_c75_firmware:*:*:*:*:*:*:*:*
xeroxcopycentre_c75-cpe:2.3:h:xerox:copycentre_c75:-:*:*:*:*:*:*:*
xeroxcopycentre_c90_firmware*cpe:2.3:o:xerox:copycentre_c90_firmware:*:*:*:*:*:*:*:*
xeroxcopycentre_c90-cpe:2.3:h:xerox:copycentre_c90:-:*:*:*:*:*:*:*
xeroxworkcentre_pro_65_firmware*cpe:2.3:o:xerox:workcentre_pro_65_firmware:*:*:*:*:*:*:*:*
xeroxworkcentre_pro_65-cpe:2.3:h:xerox:workcentre_pro_65:-:*:*:*:*:*:*:*
xeroxworkcentre_pro_75_firmware*cpe:2.3:o:xerox:workcentre_pro_75_firmware:*:*:*:*:*:*:*:*
xeroxworkcentre_pro_75-cpe:2.3:h:xerox:workcentre_pro_75:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
xerox	copycentre_c65_firmware	*	cpe:2.3:o:xerox:copycentre_c65_firmware::::::::
xerox	copycentre_c65	-	cpe:2.3:h:xerox:copycentre_c65:-:::::::*
xerox	copycentre_c75_firmware	*	cpe:2.3:o:xerox:copycentre_c75_firmware::::::::
xerox	copycentre_c75	-	cpe:2.3:h:xerox:copycentre_c75:-:::::::*
xerox	copycentre_c90_firmware	*	cpe:2.3:o:xerox:copycentre_c90_firmware::::::::
xerox	copycentre_c90	-	cpe:2.3:h:xerox:copycentre_c90:-:::::::*
xerox	workcentre_pro_65_firmware	*	cpe:2.3:o:xerox:workcentre_pro_65_firmware::::::::
xerox	workcentre_pro_65	-	cpe:2.3:h:xerox:workcentre_pro_65:-:::::::*
xerox	workcentre_pro_75_firmware	*	cpe:2.3:o:xerox:workcentre_pro_75_firmware::::::::
xerox	workcentre_pro_75	-	cpe:2.3:h:xerox:workcentre_pro_75:-:::::::*

Rows per page:

1-10 of 121

References

secunia.com/advisories/19146

securitytracker.com/id?1015738

www.osvdb.org/23725

www.osvdb.org/23726

www.securityfocus.com/bid/17014

www.vupen.com/english/advisories/2006/0857

www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/25173

exchange.xforce.ibmcloud.com/vulnerabilities/25174

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

High

EPSS

0.04

Percentile

92.1%

JSON

Related for CVE-2006-1137