CVE-2006-0232
N/A
N/A
Summary
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/17637
- http://www.securityfocus.com/archive/1/431728/100/0/threaded
- http://secunia.com/advisories/19734
- http://www.securityfocus.com/archive/1/431734/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25974
- http://securityreason.com/securityalert/758
- http://securityreason.com/securityalert/759
- http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html
- http://www.symantec.com/avcenter/security/Content/2006.04.21.html
- http://www.vupen.com/english/advisories/2006/1464
- http://securitytracker.com/id?1015974
References
- http://www.securityfocus.com/bid/17637
- http://www.securityfocus.com/archive/1/431728/100/0/threaded
- http://secunia.com/advisories/19734
- http://www.securityfocus.com/archive/1/431734/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25974
- http://securityreason.com/securityalert/758
- http://securityreason.com/securityalert/759
- http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html
- http://www.symantec.com/avcenter/security/Content/2006.04.21.html
- http://www.vupen.com/english/advisories/2006/1464
- http://securitytracker.com/id?1015974
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.