Xerox FreeFlow Print Server Multiple Vulnerabilities
Release Date : 2013-04-05
Criticality level : Highly critical
Impact : Unknown
Cross Site Scripting
Manipulation of data
Exposure of sensitive information
Where : From remote
Solution Status: Vendor Patch
Software: Xerox FreeFlow Print Server 7.x
Xerox has acknowledged multiple vulnerabilities in Xerox FreeFlow Print Server, where one has an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and gain escalated privileges, by malicious users to compromise a vulnerable system, and by malicious people to conduct cross-site scripting and request forgery attacks, bypass certain security restrictions, disclose potentially sensitive information, manipulate certain data, cause a DoS, and compromise a vulnerable system.
The vulnerabilities are reported in versions FFPS 73.C5.11 and 73.C0.41.
Apply updates. Please see the vendor's advisory for more details.
Was this reply helpful? (0) (0)