Lucene search

[email protected]CVE-2006-0978

HistoryMar 03, 2006 - 11:02 a.m.

CVE-2006-0978

2006-03-0311:02:00

[email protected]

web.nvd.nist.gov

argosoft

mail server

xss

1.8.8.5

security

vulnerabilities

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functionality in ArGoSoft Mail Server Pro 1.8.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the Subject header, (2) the From header, and (3) certain other unspecified headers.

Affected configurations

NVD

Node

argosoftargosoft_mail_serverMatch1.8.8.5pro

CPENameOperatorVersion
argosoft:argosoft_mail_serverargosoft argosoft mail servereq1.8.8.5

CPE	Name	Operator	Version
argosoft:argosoft_mail_server	argosoft argosoft mail server	eq	1.8.8.5

References

secunia.com/advisories/18991

secunia.com/secunia_research/2006-6/advisory/

securityreason.com/securityalert/504

www.osvdb.org/23512

www.securityfocus.com/archive/1/426206/100/0/threaded

www.securityfocus.com/bid/16834

www.vupen.com/english/advisories/2006/0751

exchange.xforce.ibmcloud.com/vulnerabilities/24945

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for CVE-2006-0978

nessus1 cvelist1 nvd1 prion1