Vulnerabilities > CVE-2006-0704 - Information Disclosure vulnerability in IE Integrator 4.4.220114
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in an error message that displays the installation path, web server name, IP, and port, session cookie information, and the IIS system username.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |