header-logo
Suggest Exploit
vendor:
Policy Manager
by:
SecurityFocus
5
CVSS
MEDIUM
Path Disclosure
200
CWE
Product Name: Policy Manager
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2003

Path Disclosure

F-Secure Policy Manager includes a CGI application named 'fsmsh.dll'. By supplying unexpected input as an argument to the 'fsmsh.dll' application, the vulnerable software will return an error message that includes the installation path of the software.

Mitigation:

Upgrade to the latest version of F-Secure Policy Manager.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11869/info

F-Secure Policy Manager includes a CGI application named 'fsmsh.dll'. By supplying unexpected input as an argument to the 'fsmsh.dll' application the vulnerable software will return an error message that includes the installation path of the software.

/fsms/fsmsh.dll?

Navigation

Suggest Exploit

Services By CQR