CVE

Id
21013  
CVE No.
CVE-2006-4909  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via certain character sequences in a URL that are not properly handled when the appliance sends a meta-refresh.  
Phase
Assigned (20060920)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
199216 21013 CVE-2006-4909 CISCO:20060920 Cisco Security Advisory: Cisco Guard Enables Cross Site Scripting  View
199217 21013 CVE-2006-4909 URL:http://www.cisco.com/warp/public/707/cisco-sa-20060920-guardxss.shtml  View
199218 21013 CVE-2006-4909 BID:20122  View
199219 21013 CVE-2006-4909 URL:http://www.securityfocus.com/bid/20122  View
199220 21013 CVE-2006-4909 VUPEN:ADV-2006-3720  View
199221 21013 CVE-2006-4909 URL:http://www.vupen.com/english/advisories/2006/3720  View
199222 21013 CVE-2006-4909 OSVDB:29035  View
199223 21013 CVE-2006-4909 URL:http://www.osvdb.org/29035  View
199224 21013 CVE-2006-4909 SECTRACK:1016890  View
199225 21013 CVE-2006-4909 URL:http://securitytracker.com/id?1016890  View
199226 21013 CVE-2006-4909 SECUNIA:21962  View
199227 21013 CVE-2006-4909 URL:http://secunia.com/advisories/21962  View
199228 21013 CVE-2006-4909 XF:cisco-guard-antispoffing-xss(29057)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
59026 JVNDB-2006-001292 Cisco IPS におけるトラフィックインスペクションを回避される脆弱性 Cisco IPS には、インラインモードまたはプロミスキャスモードで稼動している際、トラフィックインスペクションを回避される脆弱性が存在します。 CVE-2006-4911 21013 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001292.html  View