RSS   Vulnerabilities for 'Ie integrator'   RSS

2006-02-15
 
CVE-2006-0704

 

 
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in an error message that displays the installation path, web server name, IP, and port, session cookie information, and the IIS system username.

 


Copyright 2024, cxsecurity.com

 

Back to Top