Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1666

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1666
Last Modified 21 Sep 2011 11:30:40
Published 09 Apr 2011 10:51:19
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1666

Summary

Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in (1) Crm/Controller.php, (2) Crm/Export/Csv.php, or (3) Calendar/Model/Attender.php, which reveal the full installation path.

Vulnerable Systems

Application

  • Metaways Tine 2.0


References

XF - tine-multiple-info-disc(66558)

BID - 47102

BUGTRAQ - 20110331 HTB22909: Path disclosure in Tine 2.0

MISC - http://www.htbridge.ch/advisory/path_disclosure_in_tine_2_0.html

SREASON - 8191


Last Updated: 27 May 2016 10:56:24