Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cyberdocs | Hummingbird | 3.5 (including) | 3.5 (including) |
| Cyberdocs | Hummingbird | 3.9 (including) | 3.9 (including) |
| Cyberdocs | Hummingbird | 4.0 (including) | 4.0 (including) |
References
- http://secunia.com/advisories/9985
- http://www.kb.cert.org/vuls/id/989580
- http://www.procheckup.com/security_info/vuln_pr0302.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13397
- http://secunia.com/advisories/9985
- http://www.kb.cert.org/vuls/id/989580
- http://www.procheckup.com/security_info/vuln_pr0302.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13397