CVE-2006-3007
Summary
| CVE | CVE-2006-3007 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-13 10:02:00 UTC |
| Updated | 2017-07-20 01:31:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Nullsoft | Shoutcast Server | 1.7.1 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.8.3 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | freebsd | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | solaris | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.2 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.7.1 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.8.3 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | freebsd | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | solaris | All |
| Application | Nullsoft | Shoutcast Server | 1.8.9 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.2 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.9.4 | All | win32 | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | linux | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | mac_os_x | All |
| Application | Nullsoft | Shoutcast Server | 1.9.5 | All | win32 | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Gentoo Linux Documentation -- SHOUTcast server: Multiple vulnerabilities | GENTOO | www.gentoo.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SHOUTcast File Disclosure and DJ Script Insertion Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Nullsoft SHOUTcast Multiple HTML Injection Vulnerabilities | BID | www.securityfocus.com | |
| Secunia - Advisories - Gentoo update for shoutcast-server-bin | SECUNIA | secunia.com | |
| 'bug of script injection in shoutcast servers' - MARC | BUGTRAQ | marc.info | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.