NVD

Id
62912  
Name
CVE-2006-4273  
Description
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote attackers to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explorer 6.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-08-21  
Modified Date
2008-09-05  
Seq
2006-4273  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
327153 62912 CVE-2006-4273 20060803 vbulletin 3.5.4 IE exploit xss  View
327154 62912 CVE-2006-4273 20060803 XSS in Vbulletin 3.6.0 in IE 0nly  View
327155 62912 CVE-2006-4273 20060807 Re: vbulletin 3.5.4 IE exploit xss  View
327156 62912 CVE-2006-4273 19334  View
327157 62912 CVE-2006-4273 vbulletin-javascript-pdf-xss(28239)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
59715 JVNDB-2006-001981 Jelsoft vBulletin におけるクロスサイトスクリプティングの脆弱性 Jelsoft vBulletin には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-4273 20375 CVE-2006-4273 62912 6.8 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001981.html 2006-08-03 2012-09-25 View