ID
VAR-201101-0408
TITLE
Lexmark Printer Ready Message Value HTML Code Injection Vulnerability
Trust: 0.6
DESCRIPTION
Lexmark Printer X651de is a printer from Lexmark, USA. The Lexmark Printer X651de has an HTML injection vulnerability in its implementation, which is not properly filtered when using user-provided input in dynamically generated content. A remote attacker could exploit this vulnerability to run HTML and script code in an affected printer web interface application, stealing cookie authentication credentials or controlling the appearance of the site. Other attacks are also possible. Lexmark Printer X651de is vulnerable; other versions may also be affected
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | lexmark | model: | laser printer x651de | scope: | - | version: | - | Trust: 0.6 |
| vendor: | lexmark | model: | x651de | scope: | - | version: | - | Trust: 0.3 |
THREAT TYPE
network
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 45688 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2011-0081 | Trust: 0.6 |
REFERENCES
| url: | http://www.securityfocus.com/bid/45688 | Trust: 0.6 |
| url: | http://www1.lexmark.com/ | Trust: 0.3 |
| url: | http://www1.lexmark.com/products/view/multifunction/lexmark-x651de/catid=cat10008-category&prodid=4662-product | Trust: 0.3 |
CREDITS
dave b
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2011-0081 |
| db: | BID | id: | 45688 |
LAST UPDATE DATE
2022-05-17T02:09:12.441000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-0081 | date: | 2011-01-11T00:00:00 |
| db: | BID | id: | 45688 | date: | 2011-01-06T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-0081 | date: | 2011-01-11T00:00:00 |
| db: | BID | id: | 45688 | date: | 2011-01-06T00:00:00 |