Lucene search

[email protected]CVE-2005-4017

HistoryDec 05, 2005 - 11:03 a.m.

CVE-2005-4017

2005-12-0511:03:00

[email protected]

web.nvd.nist.gov

property.php

widget property

server path leak

cve-2005-4017

information security

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.

Affected configurations

NVD

Node

widget_presswidget_propertyMatch1.1.19

References

pridels0.blogspot.com/2005/12/widget-property-vuln.html

secunia.com/advisories/17829

www.osvdb.org/21427

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for CVE-2005-4017

cvelist1 nvd1