Information Disclosure Vulnerability in eyeOS Software by eyeOS
CVE-2011-3737

Currently unrated

Key Information:

Vendor: Eyeos
Status: Eyeos
Vendor: CVE Published:; 23 September 2011

What is CVE-2011-3737?

The vulnerability in eyeOS version 2.2.0.0 allows remote attackers to access sensitive information by sending direct requests to specific .php files. This flaw can lead to the exposure of the installation path through error messages, specifically demonstrated in files such as apps/rmail/webmail/program/lib/Net/SMTP.php. Such information could facilitate further attacks against the affected system, highlighting the need for immediate security awareness and remediation.

References

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 23, 2011

CVE-2011-3737 Data

JSON

Eyeos

What is CVE-2011-3737?

References

Timeline