Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6515

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-6515
Last Modified 29 Jan 2013 12:00:00
Published 23 Jan 2013 08:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-6515

Summary

eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid courses_ID parameter in the lesson_info module to index.php, which reveals the installation path in an error message.

Vulnerable Systems

Application

  • Efrontlearning Efront 3.6.10

  • Efrontlearning Efront 3.6.11


References

BID - 53272

SECUNIA - 49003

MISC - http://hauntit.blogspot.com/2012/04/en-efront-3610-cms-information.html


Last Updated: 27 May 2016 10:51:50