Lucene search

[email protected]CVE-2003-1403

HistoryOct 20, 2007 - 10:00 a.m.

CVE-2003-1403

2007-10-2010:00:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2003-1403

dotbr 0.1

sensitive information disclosure

remote attackers

phpinfo

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function.

Affected configurations

NVD

Node

dotbrbotbrMatch0.1

CPENameOperatorVersion
dotbr:botbrdotbr botbreq0.1

CPE	Name	Operator	Version
dotbr:botbr	dotbr botbr	eq	0.1

References

archives.neohapsis.com/archives/vulnwatch/2003-q1/0070.html

www.osvdb.org/5091

www.securityfocus.com/bid/6864

exchange.xforce.ibmcloud.com/vulnerabilities/11353

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

Related for CVE-2003-1403

cvelist1 nvd1