Lucene search

[email protected]CVE-2006-1394

HistoryMar 26, 2006 - 11:06 p.m.

CVE-2006-1394

2006-03-2623:06:00

[email protected]

web.nvd.nist.gov

cve-2006-1394

xss

university of washington

pubcookie

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors.

Affected configurations

NVD

Node

university_of_washingtonpubcookieMatch3.0.0

university_of_washingtonpubcookieMatch3.1.0

university_of_washingtonpubcookieMatch3.1.1

university_of_washingtonpubcookieMatch3.2.0

university_of_washingtonpubcookieMatch3.2.1

university_of_washingtonpubcookieMatch3.2.1a

university_of_washingtonpubcookieMatch3.3.0

CPENameOperatorVersion
university_of_washington:pubcookieuniversity of washington pubcookieeq3.0.0
university_of_washington:pubcookieuniversity of washington pubcookieeq3.1.0
university_of_washington:pubcookieuniversity of washington pubcookieeq3.1.1
university_of_washington:pubcookieuniversity of washington pubcookieeq3.2.0
university_of_washington:pubcookieuniversity of washington pubcookieeq3.2.1
university_of_washington:pubcookieuniversity of washington pubcookieeq3.2.1a
university_of_washington:pubcookieuniversity of washington pubcookieeq3.3.0

CPE	Name	Operator	Version
university_of_washington:pubcookie	university of washington pubcookie	eq	3.0.0
university_of_washington:pubcookie	university of washington pubcookie	eq	3.1.0
university_of_washington:pubcookie	university of washington pubcookie	eq	3.1.1
university_of_washington:pubcookie	university of washington pubcookie	eq	3.2.0
university_of_washington:pubcookie	university of washington pubcookie	eq	3.2.1
university_of_washington:pubcookie	university of washington pubcookie	eq	3.2.1a
university_of_washington:pubcookie	university of washington pubcookie	eq	3.3.0

References

pubcookie.org/news/20060306-apps-secadv.html

secunia.com/advisories/19348

www.kb.cert.org/vuls/id/314540

www.osvdb.org/24520

www.securityfocus.com/bid/17221

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for CVE-2006-1394

nvd1 prion1 cvelist1