Lucene search

MitreCVE-2006-0978

HistoryMar 03, 2006 - 11:02 a.m.

CVE-2006-0978

2006-03-0311:02:00

mitre

web.nvd.nist.gov

argosoft

mail server

xss

1.8.8.5

security

vulnerabilities

remote attackers

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.006

Percentile

78.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functionality in ArGoSoft Mail Server Pro 1.8.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the Subject header, (2) the From header, and (3) certain other unspecified headers.

Affected configurations

Nvd

Node

argosoftargosoft_mail_serverMatch1.8.8.5pro

VendorProductVersionCPE
argosoftargosoft_mail_server1.8.8.5cpe:2.3:a:argosoft:argosoft_mail_server:1.8.8.5:*:pro:*:*:*:*:*

Vendor	Product	Version	CPE
argosoft	argosoft_mail_server	1.8.8.5	cpe:2.3:a:argosoft:argosoft_mail_server:1.8.8.5::pro:::::

References

secunia.com/advisories/18991

secunia.com/secunia_research/2006-6/advisory/

securityreason.com/securityalert/504

www.osvdb.org/23512

www.securityfocus.com/archive/1/426206/100/0/threaded

www.securityfocus.com/bid/16834

www.vupen.com/english/advisories/2006/0751

exchange.xforce.ibmcloud.com/vulnerabilities/24945

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.006

Percentile

78.8%

JSON

Related for CVE-2006-0978