Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-6985
HistoryFeb 09, 2007 - 1:28 a.m.

CVE-2006-6985

2007-02-0901:28:00
mitre
web.nvd.nist.gov
26
cve-2006-6985
maxthon
cross-domain vulnerability
remote attackers
restricted information

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.935

Percentile

99.1%

JSON

Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker’s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.

Affected configurations

Nvd
Node
maxthonmaxthonMatch1.5.6_build_42
VendorProductVersionCPE
maxthonmaxthon1.5.6_build_42cpe:2.3:a:maxthon:maxthon:1.5.6_build_42:*:*:*:*:*:*:*

Related

cvelist 11
nvd 11
cve 10
exploitdb 1
checkpoint_advisories 1
cert 1
securityvulns 2
nessus 1
cvelist
cvelist
CVE-2006-6985
2007-02-09 01:00:00
CVE-2006-3280
2006-06-28 22:00:00
CVE-2006-6983
2007-02-09 01:00:00
nvd
nvd
CVE-2006-6985
2007-02-09 01:28:00
CVE-2006-3280
2006-06-28 22:05:00
CVE-2006-6987
2007-02-09 01:28:00
cve
cve
CVE-2006-3280
2006-06-28 22:05:00
CVE-2006-6991
2007-02-09 01:28:00
CVE-2006-6983
2007-02-09 01:28:00
exploitdb
exploitdb
Microsoft Internet Explorer 5.0.1 - OuterHTML redirection Handling Information Disclosure
2006-06-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Cross Domain Information Disclosure (MS06-042; CVE-2006-3280)
2010-01-25 00:00:00
cert
cert
Microsoft Internet Explorer HTML Document object cross-domain vulnerability
2006-06-28 00:00:00
securityvulns
securityvulns
Multiple Microsoft Internet Explorer and Windows security vulnerabilities
2006-08-09 00:00:00
Microsoft Security Bulletin MS06-042 Cumulative Security Update for Internet Explorer (918899)
2006-08-08 00:00:00
nessus
nessus
MS06-042: Cumulative Security Update for Internet Explorer (918899)
2006-08-08 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.935

Percentile

99.1%

JSON
Related for CVE-2006-6985
cvelist11nvd11cve10exploitdb1checkpoint_advisories1cert1securityvulns2nessus1