Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5463


Vulnerability Score 5.0 5.0
CVE Id CVE-2007-5463
Last Modified 15 Nov 2008 02:01:04
Published 15 Oct 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta and earlier might allow remote attackers to obtain the pathname for certificate and key files via an "iDEAL transaction", possibly involving fopen error messages for nonexistent files, a different issue than CVE-2007-5364. NOTE: this can be leveraged for reading certificate or key files if an installation places these files under the web document root.

Vulnerable Systems


  • Viart Shop 3.3 Beta



SECUNIA - 27199

XF - viart-idealprocess-path-disclosure(37048)

BUGTRAQ - 20071010 Regarding vulnerability in ViArt Shop

OSVDB - 40151

BID - 25998

SREASON - 3233

Last Updated: 27 May 2016 10:46:10