Lucene search

[email protected]CVE-2006-3217

HistoryJun 24, 2006 - 1:06 a.m.

CVE-2006-3217

2006-06-2401:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3217

jaguareditcontrol

jedit

activex control

remote attackers

sensitive information

security vulnerability

7.1 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON

JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows remote attackers to obtain sensitive information, such as the username and MAC and IP addresses, by setting the test field to certain values such as 2404 or 2790, then reading the information from the .JText field.

CPENameOperatorVersion
jaguarsoft:jaguareditjaguarsoft jaguarediteq1.1.0.19
jaguarsoft:jaguareditjaguarsoft jaguareditle1.1.0.20
jaguarsoft:jaguareditjaguarsoft jaguarediteq1.1.0.18

CPE	Name	Operator	Version
jaguarsoft:jaguaredit	jaguarsoft jaguaredit	eq	1.1.0.19
jaguarsoft:jaguaredit	jaguarsoft jaguaredit	le	1.1.0.20
jaguarsoft:jaguaredit	jaguarsoft jaguaredit	eq	1.1.0.18

References

secunia.com/advisories/20759

securityreason.com/securityalert/1145

www.securityfocus.com/archive/1/437937/100/0/threaded

www.securityfocus.com/bid/18576

www.srlabs.net/bulten/JaguarEdit_2.htm

www.srlabs.net/bulten/source/Jaguar.htm

www.vupen.com/english/advisories/2006/2489

exchange.xforce.ibmcloud.com/vulnerabilities/27290

7.1 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON