6.8

CVE-2006-3636

Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuMailman Version2.1
GnuMailman Version2.1.1
GnuMailman Version2.1.1 Updatebeta1
GnuMailman Version2.1.2
GnuMailman Version2.1.3
GnuMailman Version2.1.4
GnuMailman Version2.1.5
GnuMailman Version2.1.5.8
GnuMailman Version2.1.6
GnuMailman Version2.1.7
GnuMailman Version2.1.8
GnuMailman Version2.1b1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.43% 0.928
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22639
http://www.novell.com/linux/security/advisories/2006_25_sr.html
http://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
http://rhn.redhat.com/errata/RHSA-2006-0600.html
http://secunia.com/advisories/21732
Patch
Vendor Advisory
http://secunia.com/advisories/21792
http://secunia.com/advisories/21879
http://secunia.com/advisories/22011
http://secunia.com/advisories/22020
http://security.gentoo.org/glsa/glsa-200609-12.xml
http://securitytracker.com/id?1016808
http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295
Patch
http://www.mandriva.com/security/advisories?name=MDKSA-2006:165
http://www.securityfocus.com/bid/19831
http://www.ubuntu.com/usn/usn-345-1
http://www.vupen.com/english/advisories/2006/3446
http://moritz-naumann.com/adv/0013/mailmanmulti/0013.txt
http://secunia.com/advisories/22227
http://www.debian.org/security/2006/dsa-1188
http://www.securityfocus.com/archive/1/445992/100/0/threaded
http://www.securityfocus.com/bid/20021
https://exchange.xforce.ibmcloud.com/vulnerabilities/28731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10553