6.8

CVE-2006-4958

Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.20.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunSecure Global Desktop Version3.42 Editionenterprise
SunSecure Global Desktop Version4.0 Editionenterprise
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.85% 0.849
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22037
http://securityreason.com/securityalert/1623
http://securitytracker.com/id?1016900
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102650-1
http://support.avaya.com/elmodocs2/security/ASA-2006-235.htm
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555
http://www.securityfocus.com/archive/1/446566/100/0/threaded
http://www.securityfocus.com/bid/20135
http://www.securityfocus.com/bid/20276
http://www.vupen.com/english/advisories/2006/3739
https://exchange.xforce.ibmcloud.com/vulnerabilities/29070
https://exchange.xforce.ibmcloud.com/vulnerabilities/29303