CVE-2007-6197

The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.

Published: Dec 1, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-6197
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
bea / aqualogic_interaction	6.0.1.218452	6.0.1.218452.x
bea / aqualogic_interaction	5.0.2	5.0.2.x
bea / aqualogic_interaction	5.0.3	5.0.3.x
bea / aqualogic_interaction	5.0.4	5.0.4.x

http://procheckup.com/Vulnerability_PR06-08.php
http://procheckup.com/Vulnerability_PR06-09.php
http://secunia.com/advisories/27840
http://www.securityfocus.com/archive/1/484467/100/0/threaded
http://www.securitytracker.com/id?1019005
http://www.vupen.com/english/advisories/2007/4040

Vulnerability Database

CVE-2007-6197