CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0947

Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes the path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.1%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2001-0947

Valicert » Enterprise Validation Authority » Version: 3.3

cpe:2.3:a:valicert:enterprise_validation_authority:3.3
Valicert » Enterprise Validation Authority » Version: 3.4

cpe:2.3:a:valicert:enterprise_validation_authority:3.4
Valicert » Enterprise Validation Authority » Version: 3.5

cpe:2.3:a:valicert:enterprise_validation_authority:3.5
Valicert » Enterprise Validation Authority » Version: 3.6

cpe:2.3:a:valicert:enterprise_validation_authority:3.6
Valicert » Enterprise Validation Authority » Version: 3.7

cpe:2.3:a:valicert:enterprise_validation_authority:3.7
Valicert » Enterprise Validation Authority » Version: 3.8

cpe:2.3:a:valicert:enterprise_validation_authority:3.8
Valicert » Enterprise Validation Authority » Version: 3.9

cpe:2.3:a:valicert:enterprise_validation_authority:3.9
Valicert » Enterprise Validation Authority » Version: 4.0

cpe:2.3:a:valicert:enterprise_validation_authority:4.0
Valicert » Enterprise Validation Authority » Version: 4.1

cpe:2.3:a:valicert:enterprise_validation_authority:4.1
Valicert » Enterprise Validation Authority » Version: 4.2

cpe:2.3:a:valicert:enterprise_validation_authority:4.2
Valicert » Enterprise Validation Authority » Version: 4.2.1

cpe:2.3:a:valicert:enterprise_validation_authority:4.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0947

Products

Pricing

Contact Us