Lucene search

[email protected]CVE-2006-6989

HistoryFeb 09, 2007 - 1:28 a.m.

CVE-2006-6989

2007-02-0901:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6989

netcaptor

cross-domain vulnerability

remote attackers

information security

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.935 High

EPSS

Percentile

99.1%

JSON

Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker’s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.

Affected configurations

NVD

Node

netcaptornetcaptorMatch4.5.7_personal

CPENameOperatorVersion
netcaptor:netcaptornetcaptoreq4.5.7_personal

CPE	Name	Operator	Version
netcaptor:netcaptor	netcaptor	eq	4.5.7_personal

References

pridels0.blogspot.com/2006/06/multiple-browsers-information.html

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.935 High

EPSS

Percentile

99.1%

JSON

Related for CVE-2006-6989

nvd11 cvelist11 cve10 cert1 checkpoint_advisories1 securityvulns2 nessus1