CVE-2003-1235

2022-10-0316:15:43

mitre

www.cve.org

brw webweaver

sensitive information

disclosure

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory.

References

archives.neohapsis.com/archives/bugtraq/2003-04/0014.html

www.iss.net/security_center/static/11686.php

www.securityfocus.com/bid/7283