CVE-2006-4843

{"id": "CVE-2006-4843", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-03-29T21:19:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=493", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24633", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257026", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23173", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017824", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1133", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33280", "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=493", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/24633", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257026", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/23173", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1017824", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/1133", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33280", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified \"code sequences\" that bypass the protection scheme."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la funcionalidad Active Content Filter de IBM Lotus Domino anterior a 6.5.6 y 7.x anterior a 7.0.2 FP1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante \"secuencias de c\u00f3digo\" no especificadas que evitan el esquema de protecci\u00f3n."}], "lastModified": "2024-11-21T00:16:52.530", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C709D66D-3AE7-48B7-9E27-5D1FE452643C"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp1:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B0B5F96-0762-45D3-B13E-1E4ED04AD69D"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp2:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB1EA406-6488-46C0-B857-0BFFAA65B258"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FDDB5FD-9152-4A9C-829B-8BA2ACB3A5A1"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8A7AF44-125F-4760-8370-34B7B4CB8753"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69495B18-39A4-443F-A724-F713C4DD14A2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}