Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-6276
HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6276

2006-12-0411:28:00
CWE-444
mitre
web.nvd.nist.gov
34
cve-2006-6276
http request smuggling
sun java system proxy server
sun java system application server
sun java system web server
security vulnerability
web sessions hijacking
cross-site scripting
xss
web cache poisoning

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON

HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.

Affected configurations

Nvd
Node
sunjava_system_application_serverMatch7.0
OR
sunjava_system_application_serverMatch8.1
OR
sunjava_system_web_proxy_serverMatch-
OR
sunjava_system_web_proxy_serverMatch3.6
OR
sunjava_system_web_proxy_serverMatch4.0
OR
sunjava_system_web_serverMatch6.0
OR
sunjava_system_web_serverMatch6.1
OR
sunone_application_serverMatch7.0
VendorProductVersionCPE
sunjava_system_application_server7.0cpe:2.3:a:sun:java_system_application_server:7.0:*:*:*:*:*:*:*
sunjava_system_application_server8.1cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*
sunjava_system_web_proxy_server-cpe:2.3:a:sun:java_system_web_proxy_server:-:*:*:*:*:*:*:*
sunjava_system_web_proxy_server3.6cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:*
sunjava_system_web_proxy_server4.0cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*
sunjava_system_web_server6.0cpe:2.3:a:sun:java_system_web_server:6.0:*:*:*:*:*:*:*
sunjava_system_web_server6.1cpe:2.3:a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*
sunone_application_server7.0cpe:2.3:a:sun:one_application_server:7.0:*:*:*:*:*:*:*

Related

nvd 1
cvelist 1
nvd
nvd
CVE-2006-6276
2006-12-04 11:28:00
cvelist
cvelist
CVE-2006-6276
2006-12-04 11:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON
Related for CVE-2006-6276
nvd1cvelist1