Lucene search
HistoryJun 26, 2006 - 4:05 p.m.
CVE-2006-3225
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.009
Percentile
83.2%
Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.
Affected configurations
Node
sunjava_system_application_serverRange≤7.0ur4
ORsunjava_system_application_serverMatch8.1enterprise
ORsunone_application_serverRange≤7.0update_8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sun | java_system_application_server | * | cpe:2.3:a:sun:java_system_application_server:*:ur4:*:*:*:*:*:* |
| sun | java_system_application_server | 8.1 | cpe:2.3:a:sun:java_system_application_server:8.1:*:enterprise:*:*:*:*:* |
| sun | one_application_server | * | cpe:2.3:a:sun:one_application_server:*:update_8:*:*:*:*:*:* |
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.009
Percentile
83.2%
Related for NVD:CVE-2006-3225