CVE-2006-6438 Information

Description

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000 13.x before 13.050.03.000 and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO) which allows local users to obtain the data by reading the http.log file.

Reference

http://secunia.com/advisories/23265 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf