CVE-2006-0704 Information

Description

iE Integrator 4.4.220114 when configured without a \bespoke error page\ in acm.ini allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the integrator/apps directory which results in an error message that displays the installation path web server name IP and port session cookie information and the IIS system username.

Reference

http://secunia.com/advisories/18813 http://www.irmplc.com/advisory016.htm http://www.vupen.com/english/advisories/2006/0568 https://exchange.xforce.ibmcloud.com/vulnerabilities/24714