CVE-2006-3817

Published: Aug 11, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.

Affected (6)

Products: Novell: Groupwise Webaccess

1 product

Groupwise Webaccess

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Novell Groupwise Webaccess	Version 6.5
Novell Groupwise Webaccess	Version 6.5 sp1
Novell Groupwise Webaccess	Version 6.5 sp2
Novell Groupwise Webaccess	Version 6.5 sp3
Novell Groupwise Webaccess	Version 6.5 sp4
Novell Groupwise Webaccess	Version 7

References (20)

http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048593.html

Source: cve@mitre.org

ExploitPatch

http://secunia.com/advisories/21411

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://securitytracker.com/id?1016648

Source: cve@mitre.org

http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974176.htm

Source: cve@mitre.org

Patch

http://www.infobyte.com.ar/adv/ISR-14.html

Source: cve@mitre.org

ExploitPatch

http://www.novell.com/support/search.do?cmd=displayKC&externalId=3701584&sliceId=SAL_Public

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/442719/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/19297

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3098

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28211

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048593.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://secunia.com/advisories/21411

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://securitytracker.com/id?1016648

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974176.htm

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.infobyte.com.ar/adv/ISR-14.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.novell.com/support/search.do?cmd=displayKC&externalId=3701584&sliceId=SAL_Public

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/442719/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/19297

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/3098

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/28211

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.