CVE-2006-5742 - Racemic Giant Clam

Description

The AirMagnet Enterprise console and Remote Sensor console (Laptop) in AirMagnet Enterprise before 7.5 build 6307 allows remote attackers to inject arbitrary web script or HTML from a certain embedded Internet Explorer object into an SSID template value aka \Cross-Application Scripting (XAS).

Reference

http://www.securityfocus.com/bid/20602 http://secunia.com/advisories/22475 http://www.securityfocus.com/archive/1/451978/100/100/threaded http://www.securityfocus.com/archive/1/449739/100/100/threaded http://www.securityfocus.com/archive/1/449119/100/200/threaded