Maarch Arbitrary Document Disclosure

2006-10-20T10:18:49
ID OSVDB:29900
Type osvdb
Reporter OSVDB
Modified 2006-10-20T10:18:49

Description

Vulnerability Description

Maarch contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an unspecified error when accessing documents, which will disclose the content of certain documents resulting in a loss of confidentiality.

Solution Description

Upgrade to version 2.0.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Maarch contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an unspecified error when accessing documents, which will disclose the content of certain documents resulting in a loss of confidentiality.

References:

Vendor URL: http://maarch.sourceforge.net/ Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=456553 Secunia Advisory ID:22468 ISS X-Force ID: 29685 FrSIRT Advisory: ADV-2006-4134 CVE-2006-5492 Bugtraq ID: 20647