CVE-2006-0232

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html", "name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "VULNWATCH"}, {"url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html", "name": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/17637", "name": "17637", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1015974", "name": "1015974", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/19734", "name": "19734", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/758", "name": "758", "tags": [], "refsource": "SREASON"}, {"url": "http://securityreason.com/securityalert/759", "name": "759", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2006/1464", "name": "ADV-2006-1464", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974", "name": "sse-unauth-file-access(25974)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded", "name": "20060421 [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded", "name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-0232", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-04-25T01:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-19T15:43Z"}