CVE-2001-0947
Last modified
CVE-2001-0947 is a vulnerability of currently unknown severity. Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.. EPSS estimates a 2.45% chance of exploitation in the next 30 days.
Description
Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Valicert | Enterprise Validation Authority | 3.3 |
| Valicert | Enterprise Validation Authority | 3.4 |
| Valicert | Enterprise Validation Authority | 3.5 |
| Valicert | Enterprise Validation Authority | 3.6 |
| Valicert | Enterprise Validation Authority | 3.7 |
| Valicert | Enterprise Validation Authority | 3.8 |
| Valicert | Enterprise Validation Authority | 3.9 |
| Valicert | Enterprise Validation Authority | 4.0 |
| Valicert | Enterprise Validation Authority | 4.1 |
| Valicert | Enterprise Validation Authority | 4.2 |
| Valicert | Enterprise Validation Authority | 4.2.1 |
References
- http://www.securityfocus.com/bid/3615Patch, Vendor Advisory
- http://www.valicert.com/support/security_advisory_eva.htmlVendor Advisory, URL Repurposed
- http://www.securityfocus.com/bid/3615Patch, Vendor Advisory
- http://www.valicert.com/support/security_advisory_eva.htmlVendor Advisory, URL Repurposed
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-0947?
How severe is CVE-2001-0947?
How do I fix CVE-2001-0947?
Are you affected by CVE-2001-0947?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST