Vulnerability Description
An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.
CVSS Score
1.7
LOW
AV:L/AC:L/Au:S/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sitekiosk | Sitekiosk | 4.9.11 |
References
- http://secunia.com/advisories/23253
- http://www.securityfocus.com/archive/1/454185/100/0/threaded
- http://www.securityfocus.com/bid/21567Patch
- http://www.sitekiosk.com/th_support/versions/index.php3?id=39Patch
- http://www.vupen.com/english/advisories/2006/4985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30878
- http://secunia.com/advisories/23253
- http://www.securityfocus.com/archive/1/454185/100/0/threaded
- http://www.securityfocus.com/bid/21567Patch
- http://www.sitekiosk.com/th_support/versions/index.php3?id=39Patch
- http://www.vupen.com/english/advisories/2006/4985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30878
FAQ
What is CVE-2006-6510?
CVE-2006-6510 is a vulnerability with a CVSS score of 1.7 (LOW). An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.
How severe is CVE-2006-6510?
CVE-2006-6510 has been rated LOW with a CVSS base score of 1.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6510?
Check the references section above for vendor advisories and patch information. Affected products include: Sitekiosk Sitekiosk.