Unrated severityNVD Advisory· Published Dec 4, 2006· Updated Apr 23, 2026
CVE-2006-6276
CVE-2006-6276
Description
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
Affected products
8cpe:2.3:a:sun:java_system_web_proxy_server:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:sun:java_system_web_proxy_server:-:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_web_proxy_server:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_web_proxy_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_web_server:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:java_system_web_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:one_application_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:java_system_application_server:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sun:java_system_application_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_application_server:8.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- sunsolve.sun.com/search/document.donvdBroken LinkPatch
- www.securityfocus.com/bid/21371nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/30662nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/23186nvdBroken Link
- www.vupen.com/english/advisories/2006/4793nvdBroken Link
News mentions
0No linked articles in our index yet.