CVE-2006-6276

Sažetak

HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.

Reference

http://secunia.com/advisories/23186
http://securitytracker.com/id?1017322
http://securitytracker.com/id?1017323
http://securitytracker.com/id?1017324
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102733-1
http://www.securityfocus.com/bid/21371
http://www.vupen.com/english/advisories/2006/4793
https://exchange.xforce.ibmcloud.com/vulnerabilities/30662

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-02-2024 - 02:34

Objavljeno

04-12-2006 - 11:28