{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-21T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "17637", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17637"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded"}, {"name": "19734", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19734"}, {"name": "20060421 [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded"}, {"name": "sse-unauth-file-access(25974)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974"}, {"name": "758", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/758"}, {"name": "759", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/759"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html"}, {"name": "ADV-2006-1464", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1464"}, {"name": "1015974", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015974"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0232", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "17637", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17637"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded"}, {"name": "19734", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19734"}, {"name": "20060421 [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded"}, {"name": "sse-unauth-file-access(25974)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974"}, {"name": "758", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/758"}, {"name": "759", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/759"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html"}, {"name": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html", "refsource": "CONFIRM", "url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html"}, {"name": "ADV-2006-1464", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1464"}, {"name": "1015974", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015974"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:25:34.018Z"}, "title": "CVE Program Container", "references": [{"name": "17637", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17637"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded"}, {"name": "19734", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19734"}, {"name": "20060421 [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded"}, {"name": "sse-unauth-file-access(25974)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974"}, {"name": "758", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/758"}, {"name": "759", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/759"}, {"name": "20060421 Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_VULNWATCH", "x_transferred"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html"}, {"name": "ADV-2006-1464", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1464"}, {"name": "1015974", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015974"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0232", "datePublished": "2006-04-25T01:00:00.000Z", "dateReserved": "2006-01-17T00:00:00.000Z", "dateUpdated": "2024-08-07T16:25:34.018Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "8AF68B64-10AA-49B6-944B-B89B13DD3F2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests."}], "id": "CVE-2006-0232", "lastModified": "2026-04-16T00:27:16.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-04-25T01:02:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/19734"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/758"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/759"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015974"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/17637"}, {"source": "cve@mitre.org", "url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/1464"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19734"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/758"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015974"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/431728/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/431734/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17637"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.symantec.com/avcenter/security/Content/2006.04.21.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1464"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25974"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}