Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1464

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-1464
Last Modified 27 Mar 2012 12:00:00
Published 19 Mar 2012 03:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-1464

Summary

Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Netmechanica Netdecision 4.5.1


References

XF - netdecision-info-disclosure(73549)

CONFIRM - http://www.netmechanica.com/news/?news_id=26

EXPLOIT-DB - 18543

SECUNIA - 48168

MISC - http://secpod.org/blog/?p=478

MISC - http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Dashboard_Server_Info_Disc_Vuln.txt

OSVDB - 79653


Last Updated: 27 May 2016 10:42:30