{"api_version":"1","generated_at":"2026-04-23T06:59:29+00:00","cve":"CVE-2006-4959","urls":{"html":"https://cve.report/CVE-2006-4959","api":"https://cve.report/api/cve/CVE-2006-4959.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-4959","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-4959"},"summary":{"title":"CVE-2006-4959","description":"Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2006-09-23 10:07:00","updated_at":"2018-10-17 21:40:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"http://securitytracker.com/id?1016900","name":"1016900","refsource":"SECTRACK","tags":[],"title":"SecurityTracker.com Archives - Sun Secure Global Desktop Input Validation Holes Permit Cross-Site Scripting Attacks and Disclose System Information to Remote Users","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555","name":"http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555","refsource":"MISC","tags":[],"title":"scip AG [Security - Consulting - Information - Process]","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/3739","name":"ADV-2006-3739","refsource":"VUPEN","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/20135","name":"20135","refsource":"BID","tags":[],"title":"Sun Secure Global Desktop Unspecified Multiple Input Validation Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/22037","name":"22037","refsource":"SECUNIA","tags":[],"title":"Sun Secure Global Desktop Cross-Site Scripting Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/446566/100/0/threaded","name":"20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/29076","name":"sun-ssgd-script-information-disclosure(29076)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/1623","name":"1623","refsource":"SREASON","tags":[],"title":"SecurityReason - Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-4959","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-4959","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"4959","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sun","cpe5":"secure_global_desktop","cpe6":"3.42","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"4959","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sun","cpe5":"secure_global_desktop","cpe6":"4.0","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"4959","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sun","cpe5":"secure_global_desktop","cpe6":"3.42","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"4959","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sun","cpe5":"secure_global_desktop","cpe6":"4.0","cpe7":"*","cpe8":"enterprise","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-4959","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1016900","refsource":"SECTRACK","url":"http://securitytracker.com/id?1016900"},{"name":"sun-ssgd-script-information-disclosure(29076)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/29076"},{"name":"22037","refsource":"SECUNIA","url":"http://secunia.com/advisories/22037"},{"name":"20060921 [scip_Advisory 2555] Sun Secure Global Desktop prior 4.3 multiple remote vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/446566/100/0/threaded"},{"name":"http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555","refsource":"MISC","url":"http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2555"},{"name":"1623","refsource":"SREASON","url":"http://securityreason.com/securityalert/1623"},{"name":"ADV-2006-3739","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/3739"},{"name":"20135","refsource":"BID","url":"http://www.securityfocus.com/bid/20135"}]}},"nvd":{"publishedDate":"2006-09-23 10:07:00","lastModifiedDate":"2018-10-17 21:40:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sun:secure_global_desktop:4.0:*:enterprise:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sun:secure_global_desktop:3.42:*:enterprise:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"4959","Ordinal":"20301","Title":"CVE-2006-4959","CVE":"CVE-2006-4959","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"4959","Ordinal":"1","NoteData":"Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi.  NOTE: This information is based upon a vague initial disclosure.  Details will be updated as they become available.","Type":"Description","Title":null},{"CveYear":"2006","CveId":"4959","Ordinal":"2","NoteData":"2006-09-23","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"4959","Ordinal":"3","NoteData":"2018-10-17","Type":"Other","Title":"Modified"}]}}}