CVE-2006-6510

Sažetak

An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.

Reference

http://secunia.com/advisories/23253
http://www.securityfocus.com/archive/1/454185/100/0/threaded
http://www.securityfocus.com/bid/21567
http://www.sitekiosk.com/th_support/versions/index.php3?id=39
http://www.vupen.com/english/advisories/2006/4985
https://exchange.xforce.ibmcloud.com/vulnerabilities/30878

CVSS

Base:	1.7
Impact:	2.9
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-10-2018 - 21:49

Objavljeno

14-12-2006 - 00:28