Vulnerability Description
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary code or overwrite files by leveraging CVE-2008-7110 and CVE-2008-7109.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kyoceramita | Scanner File Utility | 3.3.0.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31631Vendor Advisory
- http://www.informit.com/guides/content.aspx?g=security&seqNum=320
- http://www.securityfocus.com/archive/1/495772/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53003
- http://secunia.com/advisories/31631Vendor Advisory
- http://www.informit.com/guides/content.aspx?g=security&seqNum=320
- http://www.securityfocus.com/archive/1/495772/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53003
FAQ
What is CVE-2008-7111?
CVE-2008-7111 is a vulnerability with a CVSS score of 9.3 (HIGH). The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 does not restrict the filenames or extensions of uploaded files, which makes it easier for remote attackers to execute arbitrary co...
How severe is CVE-2008-7111?
CVE-2008-7111 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-7111?
Check the references section above for vendor advisories and patch information. Affected products include: Kyoceramita Scanner File Utility.