Lucene search

PRIOn knowledge basePRION:CVE-2006-1300

HistoryJul 11, 2006 - 9:05 p.m.

Authentication flaw

2006-07-1121:05:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.949 High

EPSS

Percentile

99.2%

JSON

Microsoft .NET framework 2.0 (ASP.NET) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to bypass access restrictions via unspecified “URL paths” that can access Application Folder objects “explicitly by name.”

CPENameOperatorVersion
.net_frameworkeq2.0

CPE	Name	Operator	Version
	.net_framework	eq	2.0

References

secunia.com/advisories/20999

securitytracker.com/id?1016465

www.osvdb.org/27153

www.securityfocus.com/bid/18920

www.vupen.com/english/advisories/2006/2751

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-033

exchange.xforce.ibmcloud.com/vulnerabilities/26802

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A419

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.949 High

EPSS

Percentile

99.2%

JSON

Related for PRION:CVE-2006-1300