CVE-2006-6510

high

Description

An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30878

http://www.vupen.com/english/advisories/2006/4985

http://www.sitekiosk.com/th_support/versions/index.php3?id=39

http://www.securityfocus.com/bid/21567

http://www.securityfocus.com/archive/1/454185/100/0/threaded

http://secunia.com/advisories/23253

Details

Source: Mitre, NVD

Published: 2006-12-14

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: High

EPSS

EPSS: 0.00072

Detections

Analytics