2 matches found
CVE-2006-0232
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests...
CVE-2006-0232
Symantec Scan Engine CVE-2006-0232 affects v5.0.0.24 (and possibly earlier) where sensitive files (logs, virus definitions) are stored under the web root with weak access control, enabling unauthenticated remote downloads via direct HTTP requests. Rapid7 advisory confirms the vulnerability allows...