CVE-2006-3225

Published: Jun 26, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.

Affected (3)

Products: Sun: Java System Application Server, One Application Server

2 products

Java System Application Server

One Application Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Sun Java System Application Server	Up to 7.0
Sun Java System Application Server	Version 8.1
Sun One Application Server	Up to 7.0

References (12)

http://secunia.com/advisories/20835

Source: cve@mitre.org

http://securitytracker.com/id?1016378

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102479-1

Source: cve@mitre.org

http://www.securityfocus.com/bid/18635

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2508

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27392

Source: cve@mitre.org

http://secunia.com/advisories/20835

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016378

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102479-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18635

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2508

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27392

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.