ID CVE-2005-2463
Summary Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message.
References
Vulnerable Configurations
  • cpe:2.3:a:kayako:liveresponse:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:kayako:liveresponse:2.0:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 18-10-2016 - 03:27)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
refmap via4
bid 14425
bugtraq 20050730 Kayako liveResponse Multiple Vulnerabilities
misc http://www.gulftech.org/?node=research&article_id=00092-07302005
osvdb 18399
secunia 16286
Last major update 18-10-2016 - 03:27
Published 31-12-2005 - 05:00
Last modified 18-10-2016 - 03:27
Back to Top