Vulnerabilities > CVE-2006-2435 - Remote Security vulnerability in Websphere Application Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earlier, has unknown impact and attack vectors related to "Inserting certain script tags in urls [that] may allow unintended execution of scripts."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
References
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
- http://secunia.com/advisories/20032
- http://securityreason.com/securityalert/910
- http://www.vupen.com/english/advisories/2006/1736
- http://www.vupen.com/english/advisories/2006/2552
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006879
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006881
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK15571&apar=only