activeCollab Multiple Information Disclosure Vulnerabilities
BID:53699
Info
activeCollab Multiple Information Disclosure Vulnerabilities
| Bugtraq ID: | 53699 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 24 2012 12:00AM |
| Updated: | May 24 2012 12:00AM |
| Credit: | Andrew Horton, Steven Seeley, and Pedram Hayati from Stratsec |
| Vulnerable: |
A51 activeCollab 2.1.1 A51 activeCollab 1.1.6 A51 activeCollab 1.1.5 A51 activeCollab 2.3.4 A51 activeCollab 2.3.2 A51 activeCollab 2.3.10 A51 activeCollab 2.1 A51 activeCollab 0.7.1 |
| Not Vulnerable: | |
Discussion
activeCollab Multiple Information Disclosure Vulnerabilities
activeCollab is prone to multiple remote information-disclosure vulnerabilities.
Attackers can exploit these issues to gain access to sensitive information that may aid in further attacks.
activeCollab 2.3.10 is vulnerable; other versions may also be affected.
activeCollab is prone to multiple remote information-disclosure vulnerabilities.
Attackers can exploit these issues to gain access to sensitive information that may aid in further attacks.
activeCollab 2.3.10 is vulnerable; other versions may also be affected.
Exploit / POC
activeCollab Multiple Information Disclosure Vulnerabilities
Attackers can use a browser to exploit these issues.
Attackers can use a browser to exploit these issues.
Solution / Fix
activeCollab Multiple Information Disclosure Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
activeCollab Multiple Information Disclosure Vulnerabilities
References:
References:
- activeCollab 2.3.10 (A51)
- activeCollab Homepage (A51)
- activeCollab Multiple Remote Vulnerabilities (Stratsec Research)