Notified: September 18, 2003 Updated: October 09, 2003
Affected
CyberDOCS - Potential to Reveal CyberDOCS Web Server Installation Path in Error Message Problem: In CyberDOCS (versions 3.5.1, 3.9, and 4.0), it is possible to display the DM Web Server installation path in certain error messages when incorrect logon credentials are entered. Resolution: This issue is resolved in CyberDOCS 4.0 Patch 4, which can be downloaded from Hummingbird's website at the following location:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.