CVE-2006-0731

Currently unrated

Key Information:

Vendor: SAP
Status: Business Connector
Vendor: CVE Published:; 16 February 2006

Summary

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.

References

http://secunia.com/advisories/18880

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/434012/30/4980/thr...

mailing-listx_refsource_BUGTRAQ

http://securitytracker.com/id?1015639

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 16, 2006
Vulnerability Reserved
Feb 16, 2006