Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3225

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3225
Last Modified 07 Mar 2011 09:38:07
Published 26 Jun 2006 12:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3225

Summary

Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.

Vulnerable Systems

Application

  • Sun Java System Application Server 7.0

  • Sun Java System Application Server 8.1

  • Sun One Application Server 7.0


References

VUPEN - ADV-2006-2508

SUNALERT - 102479

XF - sun-java-parameters-xss(27392)

BID - 18635

SECTRACK - 1016378

SECUNIA - 20835


Last Updated: 27 May 2016 10:42:56