Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet Enterprise before 7.5 build 6307 allow remote attackers to inject arbitrary web script or HTML via (1) the 404 error page of the Smart Sensor Edge Sensor; (2) the user name for a failed logon, when displayed in the audit journals reviewing interface (/AirMagnetSensor/AMSensor.dll/XH) by the Smart Sensor Edge Sensor log viewer; and (3) an SSID of an AP, when displayed on an ACL page (/Amom/Amom.dll/BD) of the Enterprise Server Status Overview in the Enterprise Server Web interface.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Airmagnet | Enterprise | 7.5 |
References
- http://secunia.com/advisories/22475
- http://www.osvdb.org/29918
- http://www.osvdb.org/29919
- http://www.osvdb.org/29920
- http://www.securityfocus.com/archive/1/449119/100/200/threaded
- http://www.securityfocus.com/archive/1/449739/100/100/threaded
- http://www.securityfocus.com/archive/1/451978/100/100/threaded
- http://www.securityfocus.com/bid/20602
- http://secunia.com/advisories/22475
- http://www.osvdb.org/29918
- http://www.osvdb.org/29919
- http://www.osvdb.org/29920
- http://www.securityfocus.com/archive/1/449119/100/200/threaded
- http://www.securityfocus.com/archive/1/449739/100/100/threaded
- http://www.securityfocus.com/archive/1/451978/100/100/threaded
FAQ
What is CVE-2006-5741?
CVE-2006-5741 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in AirMagnet Enterprise before 7.5 build 6307 allow remote attackers to inject arbitrary web script or HTML via (1) the 404 error page of the Smart ...
How severe is CVE-2006-5741?
CVE-2006-5741 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5741?
Check the references section above for vendor advisories and patch information. Affected products include: Airmagnet Enterprise.