CVE-2005-2202

Summary

CVE	CVE-2005-2202
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-07-11 04:00:00 UTC
Updated	2008-09-05 20:51:00 UTC
Description	Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Xerox	Workcentre 2128	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 2128	0.001.04.504	All	pro_color	All
Hardware	Xerox	Workcentre 2128	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 2128	0.001.04.504	All	pro_color	All
Hardware	Xerox	Workcentre 2636	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 2636	0.001.04.504	All	pro_color	All
Hardware	Xerox	Workcentre 2636	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 2636	0.001.04.504	All	pro_color	All
Hardware	Xerox	Workcentre 3545	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 3545	0.001.04.504	All	pro_color	All
Hardware	Xerox	Workcentre 3545	0.001.04.044	All	pro_color	All
Hardware	Xerox	Workcentre 3545	0.001.04.504	All	pro_color	All

References

Reference	Source	Link	Tags
www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf	CONFIRM	www.xerox.com	Patch, Vendor Advisory
Secunia - Advisories - Xerox WorkCentre Pro Multiple Vulnerabilities	SECUNIA	secunia.com	Patch, Vendor Advisory
Xerox WorkCentre Pro Web Service Lets Remote Users Bypass Authentication, Obtain Files, Modify Web Pages, or Deny Service - SecurityTracker	SECTRACK	securitytracker.com	Patch
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.