Vulnerabilities > Xerox > Workcentre
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-16 | CVE-2009-1656 | Remote Command Execution vulnerability in Xerox WorkCentre Webserver Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability." | 10.0 |
2009-03-06 | CVE-2008-6436 | Cross-Site Scripting vulnerability in Xerox Workcentre Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-06-23 | CVE-2008-2825 | Cross-Site Scripting vulnerability in Xerox Workcentre M123/M128/M133 Cross-site scripting (XSS) vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, and 133 and WorkCentre Pro 123, 128, and 133 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-06-23 | CVE-2008-2824 | Permissions, Privileges, and Access Controls vulnerability in Xerox Workcentre 7655/7665/7675 Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors. | 10.0 |
2006-12-11 | CVE-2006-6473 | Remote Security vulnerability in WorkCentre Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb. | 10.0 |
2006-12-11 | CVE-2006-6472 | Remote Security vulnerability in WorkCentre The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors. | 10.0 |
2006-12-11 | CVE-2006-6471 | Remote Security vulnerability in WorkCentre Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 use weak permissions for certain files, which allows unspecified file access. | 10.0 |
2006-12-11 | CVE-2006-6470 | Remote Security vulnerability in WorkCentre The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. | 10.0 |
2006-12-11 | CVE-2006-6469 | Remote Security vulnerability in WorkCentre Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not block the postgres port (5432/tcp), which has unknown impact and remote attack vectors, probably related to unauthorized connections to a PostgreSQL daemon. low complexity xerox | 5.8 |
2006-12-11 | CVE-2006-6468 | Remote Security vulnerability in WorkCentre Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not check the Fully Qualified Domain Name (FQDN) during a "Validate Repository SSL Certificate" scan, which has unknown impact and attack vectors, possibly related to spoofed certificates. low complexity xerox | 5.8 |