Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2006-0015 | First vendor Publication | 2006-04-11 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0015 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:1748 | |||
| Oval ID: | oval:org.mitre.oval:def:1748 | ||
| Title: | FPSE XSS Vulnerability | ||
| Description: | Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-0015 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft FrontPage Server Extensions 2002 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-04 | Name : FreeBSD Ports: frontpage -- cross site scripting vulnerability File : nvt/freebsd_frontpage.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 24518 | Microsoft FrontPage Server Extensions fpadmdll.dll Multiple Parameter XSS |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office FrontPage server extensions 2002 cross site scripting attempt RuleID : 7029 - Revision : 19 - Type : SERVER-IIS |
| 2014-01-10 | Microsoft Office FrontPage server extensions 2002 cross site scripting attempt RuleID : 7028 - Revision : 19 - Type : SERVER-IIS |
| 2014-01-10 | Microsoft Office FrontPage server extensions 2002 cross site scripting attempt RuleID : 7027 - Revision : 20 - Type : SERVER-IIS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2006-05-24 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c0171f59ea8a11dabe02000c6ec775d9.nasl - Type : ACT_GATHER_INFO |
| 2006-04-21 | Name : The remote web server contains a server extension that is affected by a cross... File : frontpage_fpadmdll_xss.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:20:45 |
|
| 2024-11-28 12:08:09 |
|
| 2021-05-04 12:03:35 |
|
| 2021-04-22 01:04:03 |
|
| 2020-05-23 00:17:17 |
|
| 2018-10-19 21:19:43 |
|
| 2018-10-13 00:22:32 |
|
| 2017-10-11 09:23:36 |
|
| 2017-07-11 12:02:08 |
|
| 2016-04-26 14:10:44 |
|
| 2014-02-17 10:34:12 |
|
| 2014-01-19 21:23:03 |
|
| 2013-05-11 10:46:07 |
|
