Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1712

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-1712
Last Modified 07 Mar 2011 09:33:38
Published 11 Apr 2006 03:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1712

Summary

Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.

Vulnerable Systems

Application

  • Gnu Mailman 2.1.7


References

BID - 17403

SECTRACK - 1015876

SECUNIA - 19558

VUPEN - ADV-2006-1269

OSVDB - 24442

MLIST - [Mailman-Announce] 20060407 Released: Mailman 2.1.8 release candidate

MISC - http://bugs.gentoo.org/show_bug.cgi?id=129136

CONFIRM - http://www.mail-archive.com/mailman-checkins@python.org/msg06273.html


Last Updated: 27 May 2016 10:42:10