Configuration File Exposure in 4D WebSTAR by 4D
CVE-2004-0697

Currently unrated

Key Information:

Vendor

4d

Status
Webstar
Vendor
CVE Published:
27 July 2004

What is CVE-2004-0697?

In 4D WebSTAR versions 5.3.2 and earlier, there exists a vulnerability that allows remote attackers to read the php.ini configuration file. This exposure could lead to unauthorized access to sensitive information, posing significant risks to system integrity and data security. It is crucial for users of affected versions to assess and mitigate this vulnerability to protect sensitive data from potential exploitation.

References

http://www.atstake.com/research/advisories/2004/a071304-1...
vendor-advisoryx_refsource_ATSTAKE
https://exchange.xforce.ibmcloud.com/vulnerabilities/16688
vdb-entryx_refsource_XF
ftp://ftp.4d.com/ACI_PRODUCT_REFERENCE_LIBRARY/4D_PRODUCT...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.