CVE-2006-3109 (GCVE-0-2006-3109)
Vulnerability from cvelistv5
Published
2006-06-21 01:00
Modified
2024-08-07 18:16
Severity ?
CWE
  • n/a
Summary
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html
cve@mitre.orghttp://secunia.com/advisories/20735
cve@mitre.orghttp://securityreason.com/securityalert/1114
cve@mitre.orghttp://securitytracker.com/id?1016328Exploit, Patch
cve@mitre.orghttp://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.htmlPatch
cve@mitre.orghttp://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htmExploit
cve@mitre.orghttp://www.osvdb.org/26651
cve@mitre.orghttp://www.osvdb.org/26652
cve@mitre.orghttp://www.securityfocus.com/archive/1/437757/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/18504Exploit
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2443
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27225
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20735
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1114
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016328Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htmExploit
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26651
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26652
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437757/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18504Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2443
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27225
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:05.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1114",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1114"
          },
          {
            "name": "26651",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26651"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
          },
          {
            "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
          },
          {
            "name": "18504",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18504"
          },
          {
            "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
          },
          {
            "name": "cisco-callmanager-web-xss(27225)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
          },
          {
            "name": "1016328",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016328"
          },
          {
            "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
          },
          {
            "name": "20735",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20735"
          },
          {
            "name": "ADV-2006-2443",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2443"
          },
          {
            "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
          },
          {
            "name": "26652",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26652"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1114",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1114"
        },
        {
          "name": "26651",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26651"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
        },
        {
          "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
        },
        {
          "name": "18504",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18504"
        },
        {
          "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
        },
        {
          "name": "cisco-callmanager-web-xss(27225)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
        },
        {
          "name": "1016328",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016328"
        },
        {
          "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
        },
        {
          "name": "20735",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20735"
        },
        {
          "name": "ADV-2006-2443",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2443"
        },
        {
          "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
        },
        {
          "name": "26652",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26652"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3109",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1114",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1114"
            },
            {
              "name": "26651",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26651"
            },
            {
              "name": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm",
              "refsource": "MISC",
              "url": "http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm"
            },
            {
              "name": "20060619 Cisco Response to: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html"
            },
            {
              "name": "18504",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18504"
            },
            {
              "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html"
            },
            {
              "name": "cisco-callmanager-web-xss(27225)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27225"
            },
            {
              "name": "1016328",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016328"
            },
            {
              "name": "20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html"
            },
            {
              "name": "20735",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20735"
            },
            {
              "name": "ADV-2006-2443",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2443"
            },
            {
              "name": "20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/437757/100/0/threaded"
            },
            {
              "name": "26652",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26652"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3109",
    "datePublished": "2006-06-21T01:00:00",
    "dateReserved": "2006-06-20T00:00:00",
    "dateUpdated": "2024-08-07T18:16:05.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3109\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-06-21T01:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Cisco CallManager v3.3 anterior a  v3.3(5)SR3, v4.1 anterior a v4.1(3)SR4, v4.2 anterior a v4.2(3), y v4.3 anterior a v4.3(1), permite a atacantes remotos inyectar c\u00f3digo web script o HTML a trav\u00e9s de (1) par\u00e1metro pattern en ccmadmin/phonelist.asp y (2) par\u00e1metros de su elecci\u00f3n en ccmuser/logon.asp, tambi\u00e9n conocido como bugid CSCsb68657\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9306CD67-C43D-46F7-B76B-1FA0ACC6135E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\)es61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B333B6A2-36AE-45D8-81E6-7B13C0235774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(4\\\\)es25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8974FCAC-BE8B-4F87-91D5-E4D3C38A0262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A2188FD-29C8-4184-9E85-3875A53BB193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)es30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D311940-8FB8-44A5-9B1E-9730342554E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6049596-9D62-4EC4-BEAE-A2023F6F3346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)sr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87560280-EF6A-46DC-9368-0C98E0A5B7E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"373E71AE-C735-4476-A574-56C35BAD8DB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E82520-D83E-4259-B7BC-76320FF948A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B25A4042-1F70-498E-8BB3-9B8A29C0EF28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"291B6C1C-C3F3-4016-AF50-4D8D90227357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DB7A16-9B5E-4EC7-95BE-5C028AA5E9AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9AA9D0-3205-4A5D-8161-C80D1855D91E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B771F3F8-CD24-4710-A7A8-D4F9E0DB4BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71DA8A99-A678-42F8-AFC5-323E77D9BCC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA55FCB-FFFB-495F-86A8-262E7995B519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6ECFC2B-9978-46FF-BC4E-A81B9B835E29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.2\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3979687E-2BDE-42CD-ACF6-5EE3AF6CD5B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98B77A94-5477-4703-9421-2266EC603319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.3\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF86C50-A2B2-4944-8361-C67766DCA2DA\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20735\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/1114\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016328\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/26651\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/26652\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/437757/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18504\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2443\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27225\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/1114\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.cisco.com/en/US/products/sw/voicesw/ps556/tsd_products_security_response09186a00806c0846.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+CallManager+XSS+Advisory.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.osvdb.org/26651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/26652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/437757/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18504\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.