Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2606


Vulnerability Score 5.0 5.0
CVE Id CVE-2009-2606
Last Modified 27 Jul 2009 12:00:00
Published 27 Jul 2009 10:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb.

Vulnerable Systems


  • Brainjar Asp Football Pool 2.3


MILW0RM - 8852

SECUNIA - 35317

Last Updated: 27 May 2016 10:50:58