CVE-2006-2634

Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://yns.zaxaz.com/advisories/seditio.txt	Exploit Vendor Advisory
http://www.securityfocus.com/bid/18130
http://secunia.com/advisories/20307	Vendor Advisory
http://securityreason.com/securityalert/967
http://www.vupen.com/english/advisories/2006/2026
https://exchange.xforce.ibmcloud.com/vulnerabilities/26713
http://www.securityfocus.com/archive/1/435145/100/0/threaded

Configurations

Configuration 1 (hide)

cpe:2.3:a:neocrome:seditio:102:*:*:*:*:*:*:*

Information

Published : 2006-05-30 03:02

Updated : 2018-10-18 09:41

NVD link : CVE-2006-2634

Mitre link : CVE-2006-2634

JSON object : View

CWE

NVD-CWE-Other

Products Affected

neocrome

seditio

4.3 /10