CVE-2006-5715 Information

Description

Easy File Sharing (EFS) Easy Address Book 1.2 when run on an NTFS file system allows remote attackers to read arbitrary files under the web root by appending ::$DATA\ to the end of an HTTP GET request which accesses the alternate data stream.

Reference

http://secunia.com/advisories/22681 http://www.securityfocus.com/bid/20861 http://www.vupen.com/english/advisories/2006/4312 https://exchange.xforce.ibmcloud.com/vulnerabilities/29976 https://www.exploit-db.com/exploits/2699