BlueDragon <= Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 3668


The remote host is vulnerable to multiple attack vectors.


The remote host is running BlueDragon, a ColdFusion Markup Language server. This version of BlueDragon is vulnerable to a Cross-Site Scripting (XSS) flaw where attackers can inject malicious scripting code that will run within the browser of BlueDragon clients. A second flaw would allow the attacker the ability to crash the application remotely, thereby denying services to legitimate users.


Upgrade or patch according to vendor recommendations.

See Also

Plugin Details

Severity: Medium

ID: 3668

File Name: 3668.prm

Family: CGI

Published: 2006/06/23

Modified: 2016/01/21

Dependencies: 1442

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.3

Temporal Score: 4.9


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2006-2310, CVE-2006-2311

BID: 18623, 18624