← back
CVE-2001-0947

CVE-2001-0947

EPSS 2.5%
Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=100749428517090&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/7649http://www.securityfocus.com/bid/3615http://www.valicert.com/support/security_advisory_eva.html