4

CVE-2006-2925

Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IngateIngate Firewall Version <= 4.3.4
IngateIngate Firewall Version4.3.1
IngateSiparator Version <= 4.3.4
IngateSiparator Version4.3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.29% 0.668
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 4.9 4.9
AV:N/AC:H/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/20479
Patch
Vendor Advisory
http://securitytracker.com/id?1016244
http://securitytracker.com/id?1016245
http://www.ingate.com/relnote-441.php
Patch
http://www.vupen.com/english/advisories/2006/2183
https://exchange.xforce.ibmcloud.com/vulnerabilities/26978