Vulnerability Description
Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid parameter values) via a direct request to hc, which reveals the information in an error message or a cookie.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hummingbird | Collaboration | <= 5.21 |
| Hummingbird | Enterprise Collaboration | <= 5.21 |
References
- http://secunia.com/advisories/18411
- http://securityreason.com/securityalert/328
- http://www.securenetwork.it/advisories/sn-2006-01.htmlExploit
- http://www.securityfocus.com/archive/1/421392/100/0/threaded
- http://www.securityfocus.com/bid/16195Exploit
- http://www.vupen.com/english/advisories/2006/0145
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24069
- http://secunia.com/advisories/18411
- http://securityreason.com/securityalert/328
- http://www.securenetwork.it/advisories/sn-2006-01.htmlExploit
- http://www.securityfocus.com/archive/1/421392/100/0/threaded
- http://www.securityfocus.com/bid/16195Exploit
- http://www.vupen.com/english/advisories/2006/0145
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24069
FAQ
What is CVE-2006-0174?
CVE-2006-0174 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to obtain sensitive information (intranet IP addresses and enumerations of valid parameter...
How severe is CVE-2006-0174?
CVE-2006-0174 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0174?
Check the references section above for vendor advisories and patch information. Affected products include: Hummingbird Collaboration, Hummingbird Enterprise Collaboration.