CVE-2005-0286

Name of the Vulnerable Software and Affected Versions eMotion MediaPartner Web Server versions 5.0 through 5.1

Description The issue allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file. This can happen when the file contains a dot (.) or a plus sign (+) at the end, which then returns the source code for that file.

Recommendations For versions 5.0 through 5.1, consider restricting access to .bhtml files to minimize the risk of exploitation. As a temporary workaround, avoid using .bhtml files that contain a dot (.) or a plus sign (+) at the end until a fix is available.