Lucene search

Kaspersky LabKLA10086

HistoryApr 26, 2006 - 12:00 a.m.

KLA10086 CI vulnerability in Avant Browser

2006-04-2600:00:00

Kaspersky Lab

threats.kaspersky.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

An unspecified vulnerability was found in the Avant browser. By exploiting this vulnerability malicious users can inject command line arguments. This vulnerability can be exploited remotely with user assistance via a specially designed ‘mailto:’ link.

Original advisories

Related products

Avant-Browser

CVE list

CVE-2006-2058 critical

Solution

Update to latest version

Impacts

Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.

Affected Products

Avant Browser version 10.1 build 17

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Avant-Browser/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for KLA10086