CVE-2006-6440 - Vulnerability Details

Vendors	Products
Xerox	Workcentre 232 Workcentre 238 Workcentre 245 Workcentre 255 Workcentre 265 Workcentre 275

Link	Providers
http://secunia.com/advisories/23265
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-30T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23265", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23265"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6440", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23265", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23265"}, {"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "refsource": "CONFIRM", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:26:46.065Z"}, "title": "CVE Program Container", "references": [{"name": "23265", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23265"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6440", "datePublished": "2006-12-10T11:00:00", "dateReserved": "2006-12-09T00:00:00", "dateUpdated": "2024-08-07T20:26:46.065Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2006-11-30T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to "HTTP Security issues." (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-12-18T14:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 23265 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/23265 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2006-6440 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to "HTTP Security issues." (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 23265 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/23265 (string)

}

1 : { »

name : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

refsource : CONFIRM (string)

url : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T20:26:46.065Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 23265 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/23265 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2006-6440 (string)

datePublished : 2006-12-10T11:00:00 (string)

dateReserved : 2006-12-09T00:00:00 (string)

dateUpdated : 2024-08-07T20:26:46.065Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*", "matchCriteriaId": "24E761E4-0B6C-4C2A-BFCA-4CFC5620E91C", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:*", "matchCriteriaId": "74245D08-446A-4988-BCFD-85509C4CE340", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*", "matchCriteriaId": "12790FD1-DECA-4074-9458-3F88823190EF", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:*", "matchCriteriaId": "88E2F705-B185-4211-B0CC-1E295E5B4471", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D7FE90B-21E6-4628-AD70-37BB9644CBD9", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:*", "matchCriteriaId": "573640FF-609D-4441-B7DD-3477F239A00E", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*", "matchCriteriaId": "8204B5C0-0B87-48BD-9678-5101B048C135", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:*", "matchCriteriaId": "3A2128EF-5847-4097-84BC-5CAC270F1C10", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAE44F85-3F9A-45FC-A411-1D1B4C2E33D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:*", "matchCriteriaId": "D8FD8F59-E229-4138-9B85-7E15A80CF5DD", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*", "matchCriteriaId": "92119B14-94C5-4D3D-811E-EB7336E39F3E", "vulnerable": true}, {"criteria": "cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:*", "matchCriteriaId": "2DC671C6-7444-4E3D-ACAB-8905A0DB40CB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to \"HTTP Security issues.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000,  y 14.x anterior 14.050.03.000 permite a atacantes remotos tener un impacto no especifico a trav\u00e9s de vectores no especificados relacionados con \"asuntos de seguridad HTTP\"."}], "id": "CVE-2006-6440", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-10T11:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23265"}, {"source": "cve@mitre.org", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23265"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 24E761E4-0B6C-4C2A-BFCA-4CFC5620E91C (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : 74245D08-446A-4988-BCFD-85509C4CE340 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 12790FD1-DECA-4074-9458-3F88823190EF (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : 88E2F705-B185-4211-B0CC-1E295E5B4471 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D7FE90B-21E6-4628-AD70-37BB9644CBD9 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : 573640FF-609D-4441-B7DD-3477F239A00E (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8204B5C0-0B87-48BD-9678-5101B048C135 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : 3A2128EF-5847-4097-84BC-5CAC270F1C10 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BAE44F85-3F9A-45FC-A411-1D1B4C2E33D7 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : D8FD8F59-E229-4138-9B85-7E15A80CF5DD (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 92119B14-94C5-4D3D-811E-EB7336E39F3E (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:* (string)

matchCriteriaId : 2DC671C6-7444-4E3D-ACAB-8905A0DB40CB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to "HTTP Security issues." (string)

}

1 : { »

lang : es (string)

value : Múltiples vulnerabilidades no especificadas en Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000, y 14.x anterior 14.050.03.000 permite a atacantes remotos tener un impacto no especifico a través de vectores no especificados relacionados con "asuntos de seguridad HTTP". (string)

}

]

id : CVE-2006-6440 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 7.5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2006-12-10T11:28:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/23265 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/23265 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-Other (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object