Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3436

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3436
Last Modified 07 Mar 2011 09:38:38
Published 10 Oct 2006 05:07:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3436

Summary

Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "ASP.NET controls that set the AutoPostBack property to true".

Vulnerable Systems

Application

  • Microsoft .net Framework 2.0


References

CERT-VN - VU#455604

MS - MS06-056

XF - asp-http-xss(28658)

VUPEN - ADV-2006-3976

BID - 20337

HP - HPSBST02161

HP - SSRT061264

SECTRACK - 1017029

SECUNIA - 22307


Last Updated: 27 May 2016 10:43:00