Vulnerability Description
Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Iplanet Messaging Server | 5.2 |
| Sun | Java System Messaging Server | 6.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/22575Vendor Advisory
- http://securitytracker.com/id?1017113
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102497-1PatchVendor Advisory
- http://www.securityfocus.com/bid/20708
- http://www.vupen.com/english/advisories/2006/4183
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29806
- http://secunia.com/advisories/22575Vendor Advisory
- http://securitytracker.com/id?1017113
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102497-1PatchVendor Advisory
- http://www.securityfocus.com/bid/20708
- http://www.vupen.com/english/advisories/2006/4183
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29806
FAQ
What is CVE-2006-5486?
CVE-2006-5486 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via cra...
How severe is CVE-2006-5486?
CVE-2006-5486 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5486?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Iplanet Messaging Server, Sun Java System Messaging Server.