Refine your search
10 vulnerabilities found for by Fuji Xerox Co.,Ltd.
CVE-2021-20679 (GCVE-0-2021-20679)
Vulnerability from cvelistv5
Published
2021-03-25 05:30
Modified
2024-08-03 17:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial-of-service (DoS)
Summary
Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | Fuji Xerox multifunction devices and printers |
Version: DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:45.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN37607293/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Fuji Xerox multifunction devices and printers",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T05:30:18.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN37607293/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fuji Xerox multifunction devices and printers",
"version": {
"version_data": [
{
"version_value": "DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fuji Xerox multifunction devices and printers (DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort C7070/C6570/C5570/C4570/C3570/C3070/C7070G/C6570G/C5570G/C4570G/C3570G/C3070G, ApeosPort-VII C4421/C3321, ApeosPort C3060/C2560/C2060/C3060G/C2560G/C2060G, ApeosPort-VII CP4421, ApeosPort Print C5570, ApeosPort 5570/4570/5570G/4570G, ApeosPort 3560/3060/2560/3560G/3060G/2560G, ApeosPort-VII 5021/ 4021, ApeosPort-VII P5021, DocuPrint CP 555 d/505 d, DocuPrint P505 d, PrimeLink C9065/C9070, DocuPrint CP475AP, and DocuPrint P475AP) allow an attacker to cause a denial of service (DoS) condition and abnormal end (ABEND) of the affected products via sending a specially crafted command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.html",
"refsource": "MISC",
"url": "https://www.fujixerox.co.jp/company/news/notice/2021/0319_announce.html"
},
{
"name": "https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.html",
"refsource": "MISC",
"url": "https://www.fujixerox.com/eng/company/news/notice/2021/0319_announce.html"
},
{
"name": "https://jvn.jp/en/jp/JVN37607293/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN37607293/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2021-20679",
"datePublished": "2021-03-25T05:30:18.000Z",
"dateReserved": "2020-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T17:45:45.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5526 (GCVE-0-2020-5526)
Vulnerability from cvelistv5
Published
2020-01-31 03:35
Modified
2024-08-04 08:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Fails to verify SSL certificates
Summary
The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | AWMS Mobile App |
Version: for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN00014057/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AWMS Mobile App",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-31T03:35:17.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN00014057/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AWMS Mobile App",
"version": {
"version_data": [
{
"version_value": "for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en",
"refsource": "MISC",
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"name": "http://jvn.jp/en/jp/JVN00014057/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN00014057/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5526",
"datePublished": "2020-01-31T03:35:17.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:30:24.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5520 (GCVE-0-2020-5520)
Vulnerability from cvelistv5
Published
2020-01-27 09:35
Modified
2024-08-04 08:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Fails to verify SSL certificates
Summary
The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | netprint App for iOS |
Version: 3.2.3 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netprint App for iOS",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "3.2.3 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-27T09:35:27.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netprint App for iOS",
"version": {
"version_data": [
{
"version_value": "3.2.3 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.printing.ne.jp/support/information/AppVulnerability.html",
"refsource": "MISC",
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"name": "http://jvn.jp/en/jp/JVN66435380/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5520",
"datePublished": "2020-01-27T09:35:27.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:30:24.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5522 (GCVE-0-2020-5522)
Vulnerability from cvelistv5
Published
2020-01-27 09:35
Modified
2024-08-04 08:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Fails to verify SSL certificates
Summary
The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | kantan netprint App for Android |
Version: 2.0.3 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kantan netprint App for Android",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "2.0.3 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-27T09:35:27.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kantan netprint App for Android",
"version": {
"version_data": [
{
"version_value": "2.0.3 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.printing.ne.jp/support/information/AppVulnerability.html",
"refsource": "MISC",
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"name": "http://jvn.jp/en/jp/JVN66435380/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5522",
"datePublished": "2020-01-27T09:35:27.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:30:24.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5521 (GCVE-0-2020-5521)
Vulnerability from cvelistv5
Published
2020-01-27 09:35
Modified
2024-08-04 08:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Fails to verify SSL certificates
Summary
The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | kantan netprint App for iOS |
Version: 2.0.2 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kantan netprint App for iOS",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "2.0.2 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-27T09:35:27.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kantan netprint App for iOS",
"version": {
"version_data": [
{
"version_value": "2.0.2 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.printing.ne.jp/support/information/AppVulnerability.html",
"refsource": "MISC",
"url": "https://www.printing.ne.jp/support/information/AppVulnerability.html"
},
{
"name": "http://jvn.jp/en/jp/JVN66435380/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN66435380/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5521",
"datePublished": "2020-01-27T09:35:27.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:30:24.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6004 (GCVE-0-2019-6004)
Vulnerability from cvelistv5
Published
2019-09-12 15:58
Modified
2024-08-04 20:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Open Redirect
Summary
Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | ApeosWare Management Suite and ApeosWare Management Suite 2 |
Version: ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:24.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN07679150/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ApeosWare Management Suite and ApeosWare Management Suite 2",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Open Redirect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-12T15:58:55.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/en/jp/JVN07679150/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ApeosWare Management Suite and ApeosWare Management Suite 2",
"version": {
"version_data": [
{
"version_value": "ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en",
"refsource": "MISC",
"url": "http://onlinesupport.fujixerox.com/processDriverForm.do?ctry_code=SG\u0026lang_code=en\u0026d_lang=en\u0026corp_pid=AWMS2\u0026rts=null\u0026model=ApeosWare+Management+Suite+2\u0026type_id=7\u0026oslist=Windows+10+64bit\u0026lang_list=en"
},
{
"name": "http://jvn.jp/en/jp/JVN07679150/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/en/jp/JVN07679150/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6004",
"datePublished": "2019-09-12T15:58:55.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:24.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10851 (GCVE-0-2017-10851)
Vulnerability from cvelistv5
Published
2017-09-01 14:00
Modified
2024-08-05 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | Installer for ContentsBridge Utility for Windows |
Version: 7.4.0 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for ContentsBridge Utility for Windows",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "7.4.0 and earlier"
}
]
}
],
"datePublic": "2017-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-01T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for ContentsBridge Utility for Windows",
"version": {
"version_data": [
{
"version_value": "7.4.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09769017",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"name": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html",
"refsource": "CONFIRM",
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10851",
"datePublished": "2017-09-01T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10850 (GCVE-0-2017-10850)
Vulnerability from cvelistv5
Published
2017-09-01 14:00
Modified
2024-08-05 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 12 Apr 2017 02:04 UTC"
}
]
},
{
"product": "Installer of ART EX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 12 Apr 2017 02:04 UTC"
}
]
},
{
"product": "Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 12 Apr 2017 02:10 UTC"
}
]
},
{
"product": "Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 12 Apr 2017 02:10 UTC"
}
]
},
{
"product": "Installer of XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 3 Nov 2017 23:48 UTC"
}
]
},
{
"product": "Installer of XPS Print Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 3 Nov 2017 23:48 UTC"
}
]
},
{
"product": "Installer of ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 26 May 2017 07:44 UTC"
}
]
},
{
"product": "Installer of ART EX Direct FAX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 26 May 2017 07:44 UTC"
}
]
},
{
"product": "Installer of Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 25 Aug 2015 08:51 UTC"
}
]
},
{
"product": "Installer of Setting Restore Tool for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Timestamp of code signing is before 25 Aug 2015 08:51 UTC"
}
]
}
],
"datePublic": "2017-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-01T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 12 Apr 2017 02:04 UTC"
}
]
}
},
{
"product_name": "Installer of ART EX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 12 Apr 2017 02:04 UTC"
}
]
}
},
{
"product_name": "Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 12 Apr 2017 02:10 UTC"
}
]
}
},
{
"product_name": "Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 12 Apr 2017 02:10 UTC"
}
]
}
},
{
"product_name": "Installer of XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 3 Nov 2017 23:48 UTC"
}
]
}
},
{
"product_name": "Installer of XPS Print Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 3 Nov 2017 23:48 UTC"
}
]
}
},
{
"product_name": "Installer of ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 26 May 2017 07:44 UTC"
}
]
}
},
{
"product_name": "Installer of ART EX Direct FAX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 26 May 2017 07:44 UTC"
}
]
}
},
{
"product_name": "Installer of Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 25 Aug 2015 08:51 UTC"
}
]
}
},
{
"product_name": "Installer of Setting Restore Tool for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271",
"version": {
"version_data": [
{
"version_value": "Timestamp of code signing is before 25 Aug 2015 08:51 UTC"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09769017",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"name": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html",
"refsource": "CONFIRM",
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10850",
"datePublished": "2017-09-01T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10848 (GCVE-0-2017-10848)
Vulnerability from cvelistv5
Published
2017-09-01 14:00
Modified
2024-08-05 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | Installer for DocuWorks |
Version: 8.0.7 and earlier |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for DocuWorks",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "8.0.7 and earlier"
}
]
},
{
"product": "Installer for DocuWorks Viewer Light",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "published in Jul 2017 and earlier"
}
]
}
],
"datePublic": "2017-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-01T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for DocuWorks",
"version": {
"version_data": [
{
"version_value": "8.0.7 and earlier"
}
]
}
},
{
"product_name": "Installer for DocuWorks Viewer Light",
"version": {
"version_data": [
{
"version_value": "published in Jul 2017 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09769017",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"name": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html",
"refsource": "CONFIRM",
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10848",
"datePublished": "2017-09-01T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10849 (GCVE-0-2017-10849)
Vulnerability from cvelistv5
Published
2017-09-01 14:00
Modified
2024-08-05 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fuji Xerox Co.,Ltd. | Self-extracting document generated by DocuWorks |
Version: 8.0.7 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Self-extracting document generated by DocuWorks",
"vendor": "Fuji Xerox Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "8.0.7 and earlier"
}
]
}
],
"datePublic": "2017-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-01T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#09769017",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Self-extracting document generated by DocuWorks",
"version": {
"version_data": [
{
"version_value": "8.0.7 and earlier"
}
]
}
}
]
},
"vendor_name": "Fuji Xerox Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09769017",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN09769017/index.html"
},
{
"name": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html",
"refsource": "CONFIRM",
"url": "http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10849",
"datePublished": "2017-09-01T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}