nvd-json-data-feeds/CVE-2006/CVE-2006-46xx/CVE-2006-4661.json

{
  "id": "CVE-2006-4661",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-09-09T00:04:00.000",
  "lastModified": "2018-10-17T21:38:56.607",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not properly validate the origin of the configuration web page (options2.html), which allows user-assisted remote attackers to provide a web page that contains disguised checkboxes that trick the user into reconfiguring the toolbar."
    },
    {
      "lang": "es",
      "value": "AOL ICQ Toolbar 1.3 para Internet Explorer (toolbaru.dll)no valida adecuadamente el origen de la configuraci\u00f3n de la p\u00e1gina web (options2.html), lo cual permite que un atacante remoto con la complicidad del usuario proveer una p\u00e1gina web que contengan botones de chequeo disfrazados que enga\u00f1an al usuario en la configuraci\u00f3n de nuevo de la barra de herramientas."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "HIGH",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 2.6
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:icq_inc:icq_toolbar:1.3_for_internet_explorer:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B074A0-C0A0-48F5-88CD-80EF81E57AD4"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securityreason.com/securityalert/1523",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1510",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/archive/1/445515/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/19900",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/3528",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28814",
      "source": "cve@mitre.org"
    }
  ]
}