Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3342

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3342
Last Modified 05 Sep 2013 12:57:45
Published 03 Jul 2006 02:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3342

Summary

Cross-site scripting (XSS) vulnerability in index.php in Arctic 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search cmd.

Vulnerable Systems

Application

  • Olate Arctic 1.0.2


References

OSVDB - 26668

CONFIRM - http://www.olate.co.uk/forums/index.php?showtopic=1698

SECUNIA - 20663

VUPEN - ADV-2006-2436

XF - arctic-search-xss(27285)

BID - 18536

MISC - http://pridels0.blogspot.com/2006/06/arctic-xss.html


Last Updated: 27 May 2016 10:42:58