CVE-2011-1424

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET...

Default configuration

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET...

CVE-2011-1424

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET...

CVE-2011-1424

EMC SourceOne Email Management (before 6.6 SP1) with Mobile Services enabled contains a trace/configuration flaw in ExShortcut/Web.config: the trace element localOnly flag is not set to true. This enables the ASP.NET Application Tracing file to potentially disclose application-sensitive informati...

Microsoft ASP.NET Application Tracing trace.axd Information Disclosure

The ASP.NET web application running in the root directory of the remote web server has application tracing enabled. This allows an unauthenticated, remote attacker to view the last 50 web requests made to the server, including sensitive information like Session ID values and the physical path to...