VDB
CVE-2006-5654
CVE-2006-5654
PUBLISHED
CVSS 4 MEDIUM
Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127.
EPSS 1.25% · 79.7th percentile
Risk Scores
CVSS 2.0
4
EPSS Score
1.25%
79.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sun | java_system_web_server | 6.0 |
| sun | one_application_server | 0 |
| n/a | n/a | n/a |
Timeline
- Nov 3, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- sun-java-nss-dos(29946) vdb
- 22646 third-party-advisory
- 102670 vendor-advisory
- 1017143 vdb
- ADV-2006-4299 vdb
- 20846 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-5654 advisory