PT-2004-2171 · F Secure · F-Secure Policy Manager
Oliver Karow
·
Publicado
2004-12-15
·
Atualizado
2017-07-11
·
CVE-2004-1223
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
F-Secure Policy Manager version 5.11.2810
Description:
The issue allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to "fsmsh.dll" without any parameters.
Recommendations:
For F-Secure Policy Manager version 5.11.2810, consider restricting access to the fsmsh.dll module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
F-Secure Policy Manager