6.6 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.2%
Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.
marc.info/?l=bugtraq&m=100749428517090&w=2
www.securityfocus.com/bid/3615
www.valicert.com/support/security_advisory_eva.html
exchange.xforce.ibmcloud.com/vulnerabilities/7649