Vulnerabilities > CVE-2006-4576 - Remote vulnerability in the Address Book the Address Book 1.04E
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
the-address-book
Summary
Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows remote attackers to inject arbitrary web script or HTML by uploading the HTML file with a GIF or JPG extension, which is rendered by Internet Explorer.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |