CVE-2006-4958

Name of the Vulnerable Software and Affected Versions Sun Secure Global Desktop versions prior to 4.20.983

Description The issue involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML. The attack vectors are unspecified but possibly involve several CGI and JSP files, including taarchives.cgi, ttaAuthentication.jsp, ttalicense.cgi, ttawlogin.cgi, ttawebtop.cgi, ttaabout.cgi, and test-cgi.

Recommendations For versions prior to 4.20.983, update to version 4.20.983 or later to resolve the issue. As a temporary workaround, consider restricting access to the potentially vulnerable CGI and JSP files until the update is applied.