Vulnerability Details CVE-2006-0704
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory, which results in an error message that displays the installation path, web server name, IP, and port, session cookie information, and the IIS system username.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.1%
CVSS Severity
CVSS v2 Score 2.6
Products affected by CVE-2006-0704
-
cpe:2.3:a:ie:ie_integrator:4.4.220114