Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Gnu
  • Mailman

Configuration 1 [-]

OR cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.1:beta1:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:mailman:2.1b1:*:*:*:*:*:*:*
References
Link Resource
http://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
http://moritz-naumann.com/adv/0013/mailmanmulti/0013.txt
http://rhn.redhat.com/errata/RHSA-2006-0600.html
http://secunia.com/advisories/21732 Patch Vendor Advisory
http://secunia.com/advisories/21792
http://secunia.com/advisories/21879
http://secunia.com/advisories/22011
http://secunia.com/advisories/22020
http://secunia.com/advisories/22227
http://secunia.com/advisories/22639
http://security.gentoo.org/glsa/glsa-200609-12.xml
http://securitytracker.com/id?1016808
http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295 Patch
http://www.debian.org/security/2006/dsa-1188
http://www.mandriva.com/security/advisories?name=MDKSA-2006:165
http://www.novell.com/linux/security/advisories/2006_25_sr.html
http://www.securityfocus.com/archive/1/445992/100/0/threaded
http://www.securityfocus.com/bid/19831
http://www.securityfocus.com/bid/20021
http://www.ubuntu.com/usn/usn-345-1
http://www.vupen.com/english/advisories/2006/3446
https://exchange.xforce.ibmcloud.com/vulnerabilities/28731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10553
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2006-09-06T00:00:00

Updated: 2018-10-18T14:57:01

Reserved: 2006-07-17T00:00:00

Link: CVE-2006-3636

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2006-09-06T00:04:00.000

Modified: 2018-10-18T16:48:41.190

Link: CVE-2006-3636

JSON object: View

cve-icon Redhat Information

No data.

CWE