ID CVE-2004-1223
Summary The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:f-secure:policy_manager:5.11:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:policy_manager:5.11:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 11869
bugtraq 20041209 =?iso-8859-1?Q?F-Secure_Policy_Manager_-__physical_path_disclosure?=
misc http://www.oliverkarow.de/research/f-secure.txt
xf fsecure-url-obtain-information(18413)
Last major update 11-07-2017 - 01:30
Published 10-01-2005 - 05:00
Last modified 11-07-2017 - 01:30
Back to Top