CVE-2006-1193 - CVE Reference - Advisories

CVE Reference: CVE-2006-1193

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1193

Description: Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25550 ST 1016280 SAID Secunia Advisory: SA20634 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1070 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1161 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1315 OSVDB 26441 MS http://www.microsoft.com/technet/security/bulletin/ms06-029.mspx MISC http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046892.html CERT-VN 138188 CERT http://www.us-cert.gov/cas/techalerts/TA06-164A.html BID 18381

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	HP OpenView Select Identity Connectors Information Disclosure

2.	Gentoo update for dnsmasq

3.	Gentoo update for yelp

4.	rPath update for libtiff

5.	Gentoo update for realplayer

6.	Gentoo update for mysql

7.	Cisco ASA and PIX Security Appliances Multiple Vulnerabilities

8.	SUSE update for IBMJava5-JRE and java-1_5_0-ibm

9.	IBM AIX "swcons" Command Privilege Escalation Vulnerability

10.	FreeBSD ICMPv6 "Packet Too Big" MTU Denial of Service Vulnerability