CVE-2006-6438

Medium

4.9/10

Summary

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: COMPLETE
Availability Impact: NONE

References

Advisory Timeline

Published Dec 10, 2006

CVE-2006-6438

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS