CVE-2006-3109 (GCVE-0-2006-3109)
Vulnerability from cvelistv5
Published
2006-06-21 01:00
Modified
2024-08-07 18:16
Severity ?
CWE
  • n/a
Summary
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
References
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html
cve@mitre.org http://secunia.com/advisories/20735
cve@mitre.org http://securityreason.com/securityalert/1114
cve@mitre.org http://securitytracker.com/id?1016328 Exploit, Patch
cve@mitre.org http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html Patch
cve@mitre.org http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm Exploit
cve@mitre.org http://www.osvdb.org/26651
cve@mitre.org http://www.osvdb.org/26652
cve@mitre.org http://www.securityfocus.com/archive/1/437757/100/0/threaded
cve@mitre.org http://www.securityfocus.com/bid/18504 Exploit
cve@mitre.org http://www.vupen.com/english/advisories/2006/2443
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/27225
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/20735
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/1114
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1016328 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm Exploit
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/26651
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/26652
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/437757/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/18504 Exploit
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/2443
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/27225
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:05.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1114"
          },
          {
            "name": "26651",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26651"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
          },
          {
            "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
          },
          {
            "name": "18504",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18504"
          },
          {
            "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
          },
          {
            "name": "cisco-callmanager-web-xss(27225)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
          },
          {
            "name": "1016328",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016328"
          },
          {
            "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
          },
          {
            "name": "20735",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20735"
          },
          {
            "name": "ADV-2006-2443",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2443"
          },
          {
            "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
          },
          {
            "name": "26652",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26652"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1114"
        },
        {
          "name": "26651",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26651"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
        },
        {
          "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
        },
        {
          "name": "18504",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18504"
        },
        {
          "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
        },
        {
          "name": "cisco-callmanager-web-xss(27225)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
        },
        {
          "name": "1016328",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016328"
        },
        {
          "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
        },
        {
          "name": "20735",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20735"
        },
        {
          "name": "ADV-2006-2443",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2443"
        },
        {
          "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
        },
        {
          "name": "26652",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26652"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3109",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1114",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1114"
            },
            {
              "name": "26651",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26651"
            },
            {
              "name": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm",
              "refsource": "MISC",
              "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
            },
            {
              "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
            },
            {
              "name": "18504",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18504"
            },
            {
              "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
            },
            {
              "name": "cisco-callmanager-web-xss(27225)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
            },
            {
              "name": "1016328",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016328"
            },
            {
              "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
            },
            {
              "name": "20735",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20735"
            },
            {
              "name": "ADV-2006-2443",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2443"
            },
            {
              "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
            },
            {
              "name": "26652",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26652"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3109",
    "datePublished": "2006-06-21T01:00:00",
    "dateReserved": "2006-06-20T00:00:00",
    "dateUpdated": "2024-08-07T18:16:05.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3109\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-06-21T01:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Cisco CallManager v3.3 anterior a  v3.3(5)SR3, v4.1 anterior a v4.1(3)SR4, v4.2 anterior a v4.2(3), y v4.3 anterior a v4.3(1), permite a atacantes remotos inyectar c\u00f3digo web script o HTML a trav\u00e9s de (1) par\u00e1metro pattern en ccmadmin/phonelist.asp y (2) par\u00e1metros de su elecci\u00f3n en ccmuser/logon.asp, tambi\u00e9n conocido como bugid CSCsb68657\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9306CD67-C43D-46F7-B76B-1FA0ACC6135E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\)es61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B333B6A2-36AE-45D8-81E6-7B13C0235774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(4\\\\)es25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8974FCAC-BE8B-4F87-91D5-E4D3C38A0262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A2188FD-29C8-4184-9E85-3875A53BB193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)es30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D311940-8FB8-44A5-9B1E-9730342554E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6049596-9D62-4EC4-BEAE-A2023F6F3346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)sr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87560280-EF6A-46DC-9368-0C98E0A5B7E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"373E71AE-C735-4476-A574-56C35BAD8DB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E82520-D83E-4259-B7BC-76320FF948A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B25A4042-1F70-498E-8BB3-9B8A29C0EF28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"291B6C1C-C3F3-4016-AF50-4D8D90227357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DB7A16-9B5E-4EC7-95BE-5C028AA5E9AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9AA9D0-3205-4A5D-8161-C80D1855D91E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B771F3F8-CD24-4710-A7A8-D4F9E0DB4BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71DA8A99-A678-42F8-AFC5-323E77D9BCC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA55FCB-FFFB-495F-86A8-262E7995B519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6ECFC2B-9978-46FF-BC4E-A81B9B835E29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3979687E-2BDE-42CD-ACF6-5EE3AF6CD5B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98B77A94-5477-4703-9421-2266EC603319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.3\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF86C50-A2B2-4944-8361-C67766DCA2DA\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20735\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/1114\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016328\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/26651\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/26652\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/437757/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18504\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2443\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27225\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/1114\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/26651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/26652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/437757/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.