Cross-Site Scripting Vulnerabilities in Sun Secure Global Desktop by Sun Microsystems
CVE-2006-4958

Currently unrated

Key Information:

Vendor: Oracle
Status: Secure Global Desktop
Vendor: CVE Published:; 23 September 2006

What is CVE-2006-4958?

Multiple cross-site scripting vulnerabilities exist in Sun Secure Global Desktop (SSGD), also known as Tarantella, prior to version 4.20.983. These vulnerabilities could allow remote attackers to inject arbitrary web scripts or HTML through various components, including taarchives.cgi, ttaAuthentication.jsp, ttalicense.cgi, ttawlogin.cgi, ttawebtop.cgi, ttaabout.cgi, and test-cgi. The initial disclosures about these vulnerabilities were vague, and further information is expected to clarify the details.

References

http://securitytracker.com/id?1016900

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/29070

vdb-entryx_refsource_XF

http://secunia.com/advisories/22037

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Sep 23, 2006
Vulnerability Reserved
Sep 22, 2006

Oracle

What is CVE-2006-4958?

References

Timeline