CVE-2006-4056 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2006-4056?

CVE-2006-4056 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-4056?

Check the references section above for vendor advisories and patch information. Affected products include: The Address Book The Address Book, The Address Book Reloaded The Address Book Reloaded.

Vulnerability Description

Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book 1.04e and earlier and (b) The Address Book Reloaded before 2.0-rc4 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. NOTE: portions of these details are obtained from third party information.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
The Address Book	The Address Book	<= 1.04e
The Address Book Reloaded	The Address Book Reloaded	<= 2.0

References

FAQ

What is CVE-2006-4056?

CVE-2006-4056 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book 1.04e and earlier and (b) The Address Book Reloaded before 2.0-rc4 allow remote attackers to execut...

How severe is CVE-2006-4056?

CVE-2006-4056 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-4056?

Check the references section above for vendor advisories and patch information. Affected products include: The Address Book The Address Book, The Address Book Reloaded The Address Book Reloaded.