Lucene search

[email protected]NVD:CVE-2007-3651

HistoryJul 09, 2008 - 12:41 a.m.

CVE-2007-3651

2008-07-0900:41:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

69.3%

JSON

class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation path in an error message.

Affected configurations

Nvd

Node

fascriptfanameMatch1.0

VendorProductVersionCPE
fascriptfaname1.0cpe:2.3:a:fascript:faname:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fascript	faname	1.0	cpe:2.3:a:fascript:faname:1.0:::::::*

References

descriptions.securescout.com/tc/17971

www.netvigilance.com/advisory0041

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

69.3%

JSON

Related for NVD:CVE-2007-3651

cvelist1 prion1 cve1