Lucene search

[email protected]CVE-2006-5152

HistoryOct 05, 2006 - 4:04 a.m.

CVE-2006-5152

2006-10-0504:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5152

cross-site scripting

xss

internet explorer

security vulnerability

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.608 Medium

EPSS

Percentile

97.8%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL that is returned in a large HTTP 404 error message without an explicit charset, a related issue to CVE-2006-0032.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq6.0.2900

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2900

References

archives.neohapsis.com/archives/fulldisclosure/2006-10/0017.html

archives.neohapsis.com/archives/fulldisclosure/2006-10/0030.html

www.osvdb.org/31328

www.securityfocus.com/archive/1/447509/100/0/threaded

www.securityfocus.com/archive/1/447516/100/0/threaded

www.securityfocus.com/archive/1/447574/100/0/threaded

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.608 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2006-5152

nessus1 cert1 checkpoint_advisories1 prion1 securityvulns1 jvn1 cve1