Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0446

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0446
Last Modified 05 Sep 2008 04:28:02
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0446

Summary

categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message.

Vulnerable Systems

Application

  • Black Tie Project 0.4b

  • Black Tie Project 0.5

  • Black Tie Project 0.5b


References

XF - btp-cid-path-disclosure(8439)

BID - 4275


Last Updated: 27 May 2016 10:36:54