Lucene search

[email protected]CVE-2006-4660

HistorySep 09, 2006 - 12:04 a.m.

CVE-2006-4660

2006-09-0900:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4660

cross-site scripting

xss

aol

icq toolbar

internet explorer

remote attackers

rss feed module

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed module in AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) allow remote attackers to process arbitrary web script or HTML in the Feeds interface context via the (1) title and (2) description elements within an item element in an RSS feed.

Affected configurations

NVD

Node

icq_incicq_toolbarMatch1.3_for_internet_explorer

CPENameOperatorVersion
icq_inc:icq_toolbaricq inc icq toolbareq1.3_for_internet_explorer

CPE	Name	Operator	Version
icq_inc:icq_toolbar	icq inc icq toolbar	eq	1.3_for_internet_explorer

References

secunia.com/advisories/21809

securityreason.com/securityalert/1523

www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1510

www.securityfocus.com/archive/1/445515/100/0/threaded

www.securityfocus.com/bid/19900

www.vupen.com/english/advisories/2006/3528

exchange.xforce.ibmcloud.com/vulnerabilities/28809

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for CVE-2006-4660

cvelist1 nvd1 coresecurity1