mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
121 lines
3.6 KiB
JSON
121 lines
3.6 KiB
JSON
{
|
|
"id": "CVE-2006-3217",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2006-06-24T01:06:00.000",
|
|
"lastModified": "2018-10-18T16:46:19.017",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows remote attackers to obtain sensitive information, such as the username and MAC and IP addresses, by setting the test field to certain values such as 2404 or 2790, then reading the information from the .JText field."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "JaguarEditControl (JEdit) ActiveX Control v1.1.0.20 y anteriores permiten a atacantes remotos obtener informaci\u00f3n sensible, como el nombre de usuario, direcci\u00f3n MAC y direcci\u00f3n IP, fijando el campo text a ciertos valores como a 2404 o 2790, entonces leyendo la informaci\u00f3n desde el campo .JText."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "HIGH",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.6
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 4.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:jaguarsoft:jaguaredit:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.1.0.20",
|
|
"matchCriteriaId": "59EB165F-0C51-4196-A634-FC10FD885CE5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:jaguarsoft:jaguaredit:1.1.0.18:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97571C4D-F9A9-48BA-A569-E380DEBB580E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:jaguarsoft:jaguaredit:1.1.0.19:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "349540FD-5263-4696-A5AB-F877A3456230"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://securityreason.com/securityalert/1145",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/437937/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/18576",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.srlabs.net/bulten/JaguarEdit_2.htm",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.srlabs.net/bulten/source/Jaguar.htm",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/2489",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27290",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |