mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
102 lines
2.8 KiB
JSON
102 lines
2.8 KiB
JSON
{
|
|
"id": "CVE-2006-5712",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2006-11-04T01:07:00.000",
|
|
"lastModified": "2017-07-20T01:33:54.837",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) permite a un atacante remoto inyectar secuencias de comandos web a trav\u00e9s de la funci\u00f3n expresi\u00f3n CSS, como se demostr\u00f3 con el uso del estilo witdht para un elemento IMG."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mirapoint:mirapoint_webmail:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F356C092-B4CE-4702-937D-43DEA6C0CDE6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://marc.info/?l=full-disclosure&m=116232831525086&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/33820",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1017146",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/20840",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29928",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |