Lucene search

[email protected]CVE-2005-4722

HistoryFeb 15, 2006 - 11:00 a.m.

CVE-2005-4722

2006-02-1511:00:00

[email protected]

web.nvd.nist.gov

cve-2005-4722

tmspublisher

remote attackers

information disclosure

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.7%

JSON

_Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message.

Affected configurations

NVD

Node

the_media_shoppe_berhadtmspublisherMatch3.0

the_media_shoppe_berhadtmspublisherMatch3.3

CPENameOperatorVersion
the_media_shoppe_berhad:tmspublisherthe media shoppe berhad tmspublishereq3.0
the_media_shoppe_berhad:tmspublisherthe media shoppe berhad tmspublishereq3.3

CPE	Name	Operator	Version
the_media_shoppe_berhad:tmspublisher	the media shoppe berhad tmspublisher	eq	3.0
the_media_shoppe_berhad:tmspublisher	the media shoppe berhad tmspublisher	eq	3.3

References

developer.tmsasia.com/page.cfm?name=security

metawire.org/~adli/advisories/250405_tmspublisher_vulnerablility.signed.txt

www.osvdb.org/23298

exchange.xforce.ibmcloud.com/vulnerabilities/25273

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.7%

JSON

Related for CVE-2005-4722

cvelist1 nvd1