CVE-2009-1656

Summary

CVE	CVE-2009-1656
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2009-05-16 18:30:00 UTC
Updated	2017-08-17 01:30:00 UTC
Description	Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability."

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Xerox	Workcentre	232	All	All	All
Hardware	Xerox	Workcentre	232	All	pro	All
Hardware	Xerox	Workcentre	238	All	All	All
Hardware	Xerox	Workcentre	238	All	pro	All
Hardware	Xerox	Workcentre	245	All	All	All
Hardware	Xerox	Workcentre	245	All	pro	All
Hardware	Xerox	Workcentre	255	All	All	All
Hardware	Xerox	Workcentre	255	All	pro	All
Hardware	Xerox	Workcentre	265	All	All	All
Hardware	Xerox	Workcentre	265	All	pro	All
Hardware	Xerox	Workcentre	275	All	All	All
Hardware	Xerox	Workcentre	275	pro	All	All
Hardware	Xerox	Workcentre	5632	All	All	All
Hardware	Xerox	Workcentre	5638	All	All	All
Hardware	Xerox	Workcentre	5645	All	All	All
Hardware	Xerox	Workcentre	5655	All	All	All
Hardware	Xerox	Workcentre	5665	All	All	All
Hardware	Xerox	Workcentre	5675	All	All	All
Hardware	Xerox	Workcentre	5687	All	All	All
Hardware	Xerox	Workcentre	7655	All	All	All
Hardware	Xerox	Workcentre	7665	All	All	All
Hardware	Xerox	Workcentre	7675	All	All	All
Hardware	Xerox	Workcentre	232	All	All	All
Hardware	Xerox	Workcentre	232	All	pro	All
Hardware	Xerox	Workcentre	238	All	All	All
Hardware	Xerox	Workcentre	238	All	pro	All
Hardware	Xerox	Workcentre	245	All	All	All
Hardware	Xerox	Workcentre	245	All	pro	All
Hardware	Xerox	Workcentre	255	All	All	All
Hardware	Xerox	Workcentre	255	All	pro	All
Hardware	Xerox	Workcentre	265	All	All	All
Hardware	Xerox	Workcentre	265	All	pro	All
Hardware	Xerox	Workcentre	275	All	All	All
Hardware	Xerox	Workcentre	275	pro	All	All
Hardware	Xerox	Workcentre	5632	All	All	All
Hardware	Xerox	Workcentre	5638	All	All	All
Hardware	Xerox	Workcentre	5645	All	All	All
Hardware	Xerox	Workcentre	5655	All	All	All
Hardware	Xerox	Workcentre	5665	All	All	All
Hardware	Xerox	Workcentre	5675	All	All	All
Hardware	Xerox	Workcentre	5687	All	All	All
Hardware	Xerox	Workcentre	7655	All	All	All
Hardware	Xerox	Workcentre	7665	All	All	All
Hardware	Xerox	Workcentre	7675	All	All	All

References

Reference	Source	Link	Tags
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com	Patch, Vendor Advisory
54457	OSVDB	osvdb.org
Xerox WorkCentre Webserver Unspecified Remote Command Execution Vulnerability	BID	www.securityfocus.com
www.xerox.com/downloads/usa/en/c/cert_XRX09-02_v1.0.pdf	CONFIRM	www.xerox.com	Patch, Vendor Advisory
Xerox WorkCentre Web Server Unspecified Command Injection - Secunia Advisories - Vulnerability Information - Secunia.com	SECUNIA	secunia.com	Vendor Advisory
Xerox WorkCentre Command Injection Bug Lets Remote Users Execute Arbitrary Code - SecurityTracker	SECTRACK	www.securitytracker.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.