Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5130

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5130
Last Modified 05 Sep 2008 05:29:57
Published 27 Sep 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5130

Summary

SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in various error messages.

Vulnerable Systems

Application

  • Boesch-it Simpgb 1.46.02


References

CONFIRM - http://forum.boesch-it.de/viewtopic.php?t=2790

XF - simpgb-lang-path-disclosure(36775)

BUGTRAQ - 20070925 SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities

MISC - http://www.netvigilance.com/advisory0064

SREASON - 3172


Last Updated: 27 May 2016 10:46:05