CVE-2012-1466

Name of the Vulnerable Software and Affected Versions NetMechanica NetDecision versions prior to 4.6.1

Description The issue allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request. This can be demonstrated using a file like default.nd.

Recommendations For versions prior to 4.6.1, update to version 4.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to .nd files to minimize the risk of exploitation.