Vulnerabilities > CVE-2006-0173 - Multiple vulnerability in Hummingbird Enterprise Collaboration 5.2/5.21

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
hummingbird
exploit available
NVD
Published: 2006-01-11
Updated: 2018-10-19

Summary

Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which might trick a user into downloading dangerous or unexpected content.

Vulnerable Configurations

Part Description Count
Application
Hummingbird
3

Exploit-Db

descriptionHummingbird Collaboration Crafted URL File Property Obscuration Download. CVE-2006-0173. Webapps exploit for cgi platform
idEDB-ID:27061
last seen2016-02-03
modified2006-01-10
published2006-01-10
reporterLuca Carettoni
sourcehttps://www.exploit-db.com/download/27061/
titleHummingbird Collaboration - Crafted URL File Property Obscuration Download

References