Lucene search

[email protected]CVE-2006-3436

HistoryOct 10, 2006 - 9:07 p.m.

CVE-2006-3436

2006-10-1021:07:00

[email protected]

web.nvd.nist.gov

cve-2006-3436

cross-site scripting

xss

microsoft .net framework 2.0

security vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.914 High

EPSS

Percentile

98.9%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving “ASP.NET controls that set the AutoPostBack property to true”.

Affected configurations

NVD

Node

microsoft.net_frameworkMatch2.0

CPENameOperatorVersion
microsoft:.net_frameworkmicrosoft .net frameworkeq2.0

CPE	Name	Operator	Version
microsoft:.net_framework	microsoft .net framework	eq	2.0

References

secunia.com/advisories/22307

securitytracker.com/id?1017029

www.kb.cert.org/vuls/id/455604

www.securityfocus.com/archive/1/449179/100/0/threaded

www.securityfocus.com/bid/20337

www.vupen.com/english/advisories/2006/3976

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-056

exchange.xforce.ibmcloud.com/vulnerabilities/28658

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A377

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.4 Medium

AI Score

Confidence

High

0.914 High

EPSS

Percentile

98.9%

JSON

Related for CVE-2006-3436

nessus2 cvelist1 securityvulns1 cert1 openvas2 nvd1