Information Disclosure in Progress Webspeed Messenger
CVE-2007-2354

Currently unrated

Key Information:

Vendor
Progress
Status
Webspeed Messenger
Vendor
CVE Published:
30 April 2007

Summary

The Progress Webspeed Messenger is susceptible to an information disclosure vulnerability where remote attackers can exploit the WService parameter to retrieve sensitive details. Specifically, by crafting a request containing 'wsbroker1/webutil/about.r', attackers can gain access to revealing information about the operating system and the product itself. This flaw can potentially allow unauthorized users to gather critical insights, leading to further exploitation of the affected system.

References

http://www.securityfocus.com/archive/1/467184/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.ishare.nl/
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-2354 : Information Disclosure in Progress Webspeed Messenger | SecurityVulnerability.io