CVE-2006-6473 - OpenCVE

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Xerox	Workcentre

Configuration 1 [-]

OR	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*
	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*

References

Link	Resource
http://secunia.com/advisories/23265	Patch Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:22

Updated: 2022-10-03T16:21:22

Reserved: 2022-10-03T00:00:00

Link: CVE-2006-6473

JSON object: View

NVD Information

Status : Analyzed

Published: 2006-12-11T18:28:00.000

Modified: 2008-09-05T21:14:49.910

Link: CVE-2006-6473

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:21:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23265", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23265"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6473", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23265", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23265"}, {"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "refsource": "CONFIRM", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6473", "datePublished": "2022-10-03T16:21:22", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:21:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FC791FD-B20C-4428-82A0-0E8174B8AB03", "versionEndIncluding": "13.050.02.000", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "matchCriteriaId": "628B8A80-E06B-4C8A-BC89-AAF760F28B89", "versionEndIncluding": "13.050.02.000", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "matchCriteriaId": "9562CF49-A540-4EA5-9120-B7DC007ED78C", "versionEndIncluding": "14.050.02.000", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "matchCriteriaId": "4F7027CD-45A4-4759-AAA4-6B069DD2ED38", "versionEndIncluding": "14.050.02.000", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Xerox WorkCentre y WorkCentre Pro anterior a 12.050.03.000, 13.x anterior a 13.050.03.000, y 14.x anterior a 14.050.03.000 tienen impacto y vectores de ataque desconocidos, relacionados con (1) un mensaje de error des Sobrescritura Inmediata de Imagen (Immediate Image Overwrite o IIO) en la Interfaz de Usuario Local (Local User Interface o LUI) si la sobrescritura falla, y (2) un fallo IIO cuando se borra un Trabajo en Espera (held job), y (3) un fallo de Sobrescritura de Imagen Bajo Petici\u00f3n (On Demand Image Overwrite) cuando la sobrescritura es mayor de 2 Gb."}], "id": "CVE-2006-6473", "lastModified": "2008-09-05T21:14:49.910", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-11T18:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/23265"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}