Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1717

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1717
Last Modified 02 Apr 2009 01:33:09
Published 09 Apr 2008 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1717

Summary

WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to obtain the full path via invalid (1) page and (2) form parameters, which leaks the path from an exception handler when a valid class cannot be found.

Vulnerable Systems

Application

  • Woltlab Burning Board 3.0.5


References

XF - wbb-wcf-exception-info-disclosure(41713)

BID - 28678

BUGTRAQ - 20080412 Re: WoltLab(R) Community Framework WCF 1.0.6

BUGTRAQ - 20080407 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability

SECUNIA - 29719

FULLDISC - 20080408 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability


Last Updated: 27 May 2016 10:47:38