Lucene search
HistoryJun 13, 2006 - 10:02 a.m.
CVE-2006-3007
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.006
Percentile
78.9%
Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ.
Affected configurations
Node
nullsoftshoutcast_serverMatch1.7.1linux
ORnullsoftshoutcast_serverMatch1.8.3win32
ORnullsoftshoutcast_serverMatch1.8.9freebsd
ORnullsoftshoutcast_serverMatch1.8.9linux
ORnullsoftshoutcast_serverMatch1.8.9mac_os_x
ORnullsoftshoutcast_serverMatch1.8.9solaris
ORnullsoftshoutcast_serverMatch1.8.9win32
ORnullsoftshoutcast_serverMatch1.9.2win32
ORnullsoftshoutcast_serverMatch1.9.4linux
ORnullsoftshoutcast_serverMatch1.9.4mac_os_x
ORnullsoftshoutcast_serverMatch1.9.4win32
ORnullsoftshoutcast_serverMatch1.9.5linux
ORnullsoftshoutcast_serverMatch1.9.5mac_os_x
ORnullsoftshoutcast_serverMatch1.9.5win32
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nullsoft | shoutcast_server | 1.7.1 | cpe:2.3:a:nullsoft:shoutcast_server:1.7.1:*:linux:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.3 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.3:*:win32:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.9 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:freebsd:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.9 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:linux:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.9 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:mac_os_x:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.9 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:solaris:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.8.9 | cpe:2.3:a:nullsoft:shoutcast_server:1.8.9:*:win32:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.9.2 | cpe:2.3:a:nullsoft:shoutcast_server:1.9.2:*:win32:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.9.4 | cpe:2.3:a:nullsoft:shoutcast_server:1.9.4:*:linux:*:*:*:*:* |
| nullsoft | shoutcast_server | 1.9.4 | cpe:2.3:a:nullsoft:shoutcast_server:1.9.4:*:mac_os_x:*:*:*:*:* |
Related
nessus
nessus
FreeBSD : shoutcast -- XSS, information exposure (67dbe99f-0f09-11db-94f8-00e029485e38)
2006-07-13 00:00:00
GLSA-200607-05 : SHOUTcast server: Multiple vulnerabilities
2006-07-10 00:00:00
cvelist
cvelist
CVE-2006-3007
2006-06-13 10:00:00
openvas
openvas
FreeBSD Ports: shoutcast, linux-shoutcast
2008-09-04 00:00:00
FreeBSD Ports: shoutcast, linux-shoutcast
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200607-05 (shoutcast)
2008-09-24 00:00:00
freebsd
freebsd
shoutcast -- cross-site scripting, information exposure
2006-06-09 00:00:00
cve
cve
CVE-2006-3007
2006-06-13 10:02:00
gentoo
gentoo
SHOUTcast server: Multiple vulnerabilities
2006-07-09 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.006
Percentile
78.9%
Related for NVD:CVE-2006-3007