Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-6276 | First vendor Publication | 2006-12-04 |
Vendor | Cve | Last vendor Modification | 2024-02-09 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6276 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 3 | |
Application | 2 | |
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
31727 | Sun Java System Server Products HTTP Request Smuggling |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-09 09:27:58 |
|
2021-05-04 12:04:56 |
|
2021-04-22 01:05:32 |
|
2020-05-23 00:18:47 |
|
2017-07-29 12:01:48 |
|
2016-04-26 15:22:53 |
|
2013-05-11 11:15:51 |
|