Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2311

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-2311
Last Modified 07 Mar 2011 09:35:56
Published 26 Jun 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2311

Summary

Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a (1) .cfm or (2) .cfml file, which reflects the result in the default error page.

Vulnerable Systems

Application

  • New Atlanta Communications Bluedragon Server 6.2.1.286

  • New Atlanta Communications Bluedragon Server Jx 6.2.1.286


References

VUPEN - ADV-2006-2502

MISC - http://secunia.com/secunia_research/2006-18/advisory

SECUNIA - 19180

BID - 18623


Last Updated: 27 May 2016 10:42:25