FILE-JAVA -- Snort has detected traffic targeting vulnerabilities that are exploited in java files such as .class or .jar.
FILE-JAVA Oracle JavaScript file upload keystroke hijack attempt
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form. Impact: CVSS base score 4.0 CVSS impact score 4.9 CVSS exploitability score 4.9 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2006-2900 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
