Vulnerability Description
TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ej3 | Topo | 1.43 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0049.htmlPatch
- http://secunia.com/advisories/8008Vendor Advisory
- http://www.securityfocus.com/bid/6768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11248
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0049.htmlPatch
- http://secunia.com/advisories/8008Vendor Advisory
- http://www.securityfocus.com/bid/6768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11248
FAQ
What is CVE-2003-1409?
CVE-2003-1409 is a vulnerability with a CVSS score of 5.0 (MEDIUM). TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the...
How severe is CVE-2003-1409?
CVE-2003-1409 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1409?
Check the references section above for vendor advisories and patch information. Affected products include: Ej3 Topo.