ID CVE-2006-2691
Summary Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors. Successful exploitation requires that the full pathname of the file is known. This vulnerability is addressed in the following product release: aMule, aMule, 2.1.2
References
Vulnerable Configurations
  • cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*
    cpe:2.3:a:amule:amule:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 18145
confirm http://www.amule.org/wiki/index.php/Changelog_2.1.2
sectrack 1016188
secunia 20351
xf amule-url-information-disclosure(26953)
Last major update 20-07-2017 - 01:31
Published 31-05-2006 - 10:06
Back to Top