Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2991

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2991
Last Modified 07 Mar 2011 09:37:26
Published 12 Jun 2006 09:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2991

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi.

Vulnerable Systems

Application

  • Ringlink 3.2


References

VUPEN - ADV-2006-2281

BID - 18360

BUGTRAQ - 20060610 Ringlink v3.2 - XSS

OSVDB - 26320

OSVDB - 26319

OSVDB - 26318

SECUNIA - 20590

XF - ringlink-multiple-scripts-xss(27053)

SREASON - 1082


Last Updated: 27 May 2016 10:42:50