Vulnerabilities > CVE-2006-6422 - Applications Denial of Service vulnerability in Agileco

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

agileco

NVD

Published: 2006-12-10

Updated: 2017-07-29

Summary

Agileco AgileBill 1.4.x and AgileVoice 1.4.x do not properly handle certain proxy requests, which allows remote attackers to disable the application by entering invalid license data on a form, possibly involving modules/core/license.inc.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Agileco Agileco Agilebill 1.4 Agileco Agilebill 1.4.92 Agileco Agilebill 1.4.93 Agileco Agilevoice 1.4	4

References

http://secunia.com/advisories/23223
http://www.securityfocus.com/bid/21459
https://exchange.xforce.ibmcloud.com/vulnerabilities/30751