Vulnerabilities > Xerox > Workcentre
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-11 | CVE-2006-6467 | Remote Security vulnerability in WorkCentre Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not properly restrict access to SMB file resources, which allows remote attackers to gain unspecified file or directory access via vectors related to (1) visibility of the SMB "Homes" share and (2) SMB file system browsing. low complexity xerox | 5.8 |
| 2006-12-10 | CVE-2006-6437 | Denial-Of-Service vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows attackers to cause a denial of service (application crash and core dump) via a certain PS file. | 7.8 |
| 2006-12-10 | CVE-2006-6435 | Information Disclosure vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack. | 7.5 |
| 2006-12-10 | CVE-2006-6433 | Remote Security vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 does not record accurate timestamps, which makes it easier for remote attackers to avoid detection when an audit tries to rely on these timestamps. | 5.0 |
| 2006-12-10 | CVE-2006-6432 | Multiple vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors. | 5.0 |
| 2006-12-10 | CVE-2006-6431 | Remote Security vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify signatures of e-mail messages via unspecified vectors. | 5.0 |
| 2006-12-10 | CVE-2006-6429 | Multiple vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify certain configuration settings via unspecified vectors involving the "TFTP/BOOTP auto configuration option." | 5.0 |
| 2006-12-10 | CVE-2006-6428 | Multiple vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allow remote attackers to gain access via unspecified vectors related to "browser permissions." | 7.5 |
| 2006-12-10 | CVE-2006-6427 | OS Command Injection vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000 The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving "command injection" in (1) the TCP/IP hostname, (2) Scan-to-mailbox folder names, and (3) certain parameters in the Microsoft Networking configuration. | 7.5 |
| 2005-05-02 | CVE-2005-1179 | SNMP Authentication Bypass vulnerability in Xerox MicroServer Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703. | 5.0 |