Vulnerability CVE-2010-0101


Published: 2010-05-04   Modified: 2012-02-13

Description:
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Lexmark -> 25xxn 
Lexmark -> E240 
Lexmark -> N8130 
Lexmark -> X544 
Lexmark -> C510 
Lexmark -> E240n 
Lexmark -> T430 
Lexmark -> X546 
Lexmark -> C52X 
Lexmark -> E250 
Lexmark -> T64X 
Lexmark -> X642 
Lexmark -> C53X 
Lexmark -> E260 
Lexmark -> T650 
Lexmark -> X644 
Lexmark -> C540 
Lexmark -> E33X 
Lexmark -> T652 
Lexmark -> X646 
Lexmark -> C543 
Lexmark -> E34X 
Lexmark -> T654 
Lexmark -> X64xef 
Lexmark -> C544 
Lexmark -> E350 
Lexmark -> T656 
Lexmark -> X65X 
Lexmark -> C546 
Lexmark -> E360d 
Lexmark -> W840 
Lexmark -> X73X 
Lexmark -> C73X 
Lexmark -> E360dn 
Lexmark -> W850 
Lexmark -> X772e 
Lexmark -> C77X 
Lexmark -> E450 
Lexmark -> X20X 
Lexmark -> X782e 
Lexmark -> C78X 
Lexmark -> E460 
Lexmark -> X26X 
Lexmark -> X85X 
Lexmark -> C920 
Lexmark -> E462 
Lexmark -> X34X 
Lexmark -> X86X 
Lexmark -> C935dn 
Lexmark -> N4000 
Lexmark -> X36X 
Lexmark -> X94X 
Lexmark -> E120 
Lexmark -> N4050e 
Lexmark -> X422 
Lexmark -> E238 
Lexmark -> N70xxe 
Lexmark -> X46X 
Lexmark -> E23X 
Lexmark -> N8120 
Lexmark -> X543 

 References:
http://support.lexmark.com/index?page=content&id=TE87&locale=EN&userlocale=EN_US

Copyright 2020, cxsecurity.com

 

Back to Top