CVE-1999-1006

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Dec 19, 1999
Updated: Nov 20, 2024

Summary

CVE-1999-1006 is a vulnerability affecting the Groupwise web server and its GWWEB.EXE component. An attacker can exploit this issue by manipulating the HELP parameter in a remote request, potentially gaining knowledge of the web server's real path. This information leak can be used for further attacks or unauthorized access to sensitive data. Although not directly leading to remote code execution, this vulnerability can significantly weaken the security posture of affected systems. Organizations using Groupwise web servers are advised to apply available patches or workarounds to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Novell GroupWise

Affected Vendors

  • Novell Inc