CVE-2006-5019

2006-09-2723:00:00

mitre

www.cve.org

6.1 Medium

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.7%

JSON

Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.

References

secunia.com/advisories/22059

securityreason.com/securityalert/1637

users.tpg.com.au/adsl2dvp/advisories/200609-googlemini.txt

www.securityfocus.com/archive/1/446728/100/0/threaded

www.securityfocus.com/bid/20149

exchange.xforce.ibmcloud.com/vulnerabilities/29111