Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3339

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3339
Last Modified 07 Mar 2011 09:38:23
Published 03 Jul 2006 02:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3339

Summary

secure/ConfigureReleaseNote.jspa in Atlassian JIRA 3.6.2-#156 allows remote attackers to obtain sensitive information via unspecified manipulations of the projectId parameter, which displays the installation path and other system information in an error message.

Vulnerable Systems

Application

  • Atlassian Jira 3.6.2 156


References

VUPEN - ADV-2006-2472

XF - jira-projectid-info-disclosure(27235)

OSVDB - 26745

MISC - http://pridels0.blogspot.com/2006/06/atlassian-jira-information-disclosure.html

CONFIRM - http://jira.atlassian.com/browse/JRA-10542


Last Updated: 27 May 2016 10:42:58