Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1996

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1996
Last Modified 07 Mar 2011 09:34:45
Published 25 Apr 2006 08:50:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1996

Summary

Scry Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid p parameter, which reveals the path in an error message.

Vulnerable Systems

Application

  • Scry Gallery 1.1


References

VUPEN - ADV-2006-1490

BUGTRAQ - 20060421 Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites

XF - scry-gallery-index-path-disclosure(25990)

BID - 17668

OSVDB - 24890

SREASON - 784

SECUNIA - 19777

VIM - 20060425 Interesting Scry stuff


Last Updated: 27 May 2016 10:42:17