Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4164

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2008-4164
Last Modified 29 Jan 2009 01:55:40
Published 22 Sep 2008 02:52:13
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-4164

Summary

cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

Vulnerable Systems

Application

  • Memht Portal 3.1

  • Memht Portal 3.4

  • Memht Portal 3.4.5

  • Memht Portal 3.6.0

  • Memht Portal 3.8.5

  • Memht Portal 3.9.0


References

XF - memhtportal-cron-path-disclosure(45413)

MILW0RM - 6393

SREASON - 4288


Last Updated: 27 May 2016 10:48:24