← volver
CVE-2006-0704

CVE-2006-0704

EPSS 1.2%
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in an error message that displays the installation path, web server name, IP, and port, session cookie information, and the IIS system username.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/18813https://exchange.xforce.ibmcloud.com/vulnerabilities/24714http://www.irmplc.com/advisory016.htmhttp://www.vupen.com/english/advisories/2006/0568