CVE-2006-5486

Currently unrated

Key Information:

Vendor: Oracle
Status: Java System Messaging Server; Iplanet Messaging Server
Vendor: CVE Published:; 24 October 2006

Summary

Cross-site scripting (XSS) vulnerability in Webmail in Sun Java System Messaging Server 6.0 through 6.2 and iPlanet Messaging Server 5.2 allows remote attackers to execute arbitrary Javascript via crafted messages.

References

http://www.securityfocus.com/bid/20708

vdb-entryx_refsource_BID

http://securitytracker.com/id?1017113

vdb-entryx_refsource_SECTRACK

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

Timeline

Vulnerability published
Oct 24, 2006
Vulnerability Reserved
Oct 24, 2006