Lucene search

[email protected]CVE-2006-3436

HistoryOct 10, 2006 - 9:07 p.m.

CVE-2006-3436

2006-10-1021:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-3436

cross-site scripting

xss

microsoft .net framework 2.0

security vulnerability

nvd

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.914 High

EPSS

Percentile

98.8%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving “ASP.NET controls that set the AutoPostBack property to true”.

CPENameOperatorVersion
microsoft:.net_frameworkmicrosoft .net frameworkeq2.0

CPE	Name	Operator	Version
microsoft:.net_framework	microsoft .net framework	eq	2.0

References

secunia.com/advisories/22307

securitytracker.com/id?1017029

www.kb.cert.org/vuls/id/455604

www.securityfocus.com/archive/1/449179/100/0/threaded

www.securityfocus.com/bid/20337

www.vupen.com/english/advisories/2006/3976

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-056

exchange.xforce.ibmcloud.com/vulnerabilities/28658

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A377

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.914 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2006-3436

openvas2 securityvulns1 cert1 nessus2