Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0173

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2006-0173
Last Modified 07 Mar 2011 09:29:29
Published 11 Jan 2006 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2006-0173

Summary

Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which might trick a user into downloading dangerous or unexpected content.

Vulnerable Systems

Application

  • Hummingbird Enterprise Collaboration 5.2

  • Hummingbird Enterprise Collaboration 5.21


References

VUPEN - ADV-2006-0145

BID - 16195

BUGTRAQ - 20060110 Multiple Vulnerabilities in Hummingbird Collaboration

MISC - http://www.securenetwork.it/advisories/sn-2006-01.html

SECUNIA - 18411

XF - hummingbird-enterprise-file-download(24068)


Last Updated: 27 May 2016 10:41:34