CVE-2006-5019

Currently unrated

Key Information:

Vendor: Google
Status: Mini Search Appliance
Vendor: CVE Published:; 27 September 2006

Summary

Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.

References

http://securityreason.com/securityalert/1637

third-party-advisoryx_refsource_SREASON

http://users.tpg.com.au/adsl2dvp/advisories/200609-google...

x_refsource_MISC

http://www.securityfocus.com/archive/1/446728/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

3% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 27, 2006
Vulnerability Reserved
Sep 27, 2006

Collectors

NVD DatabaseMitre Database