CVE-2006-6427 Information
Description
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000 13.x before 13.060.17.000 and 14.x before 14.060.17.000 allows remote attackers to execute arbitrary commands via unspecified vectors involving \command injection\ in (1) the TCP/IP hostname (2) Scan-to-mailbox folder names and (3) certain parameters in the Microsoft Networking configuration. NOTE: vector 1 might be the same as CVE-2006-5290.
Reference
http://secunia.com/advisories/23265 http://securitytracker.com/id?1017337 http://www.securityfocus.com/bid/21365 http://www.vupen.com/english/advisories/2006/4791 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf http://www.xerox.com/downloads/usa/en/c/cert_XRX06_007_v1.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/30674
Share on: