CVE-2007-6197

BEA AquaLogic Interaction <6.0.1.218452 - Info Disclosure

Title source: llm

Description

The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.

References (6)

[Exploit] http://procheckup.com/Vulnerability_PR06-08.php

[Exploit] http://procheckup.com/Vulnerability_PR06-09.php

[Patch, Vendor Advisory] http://secunia.com/advisories/27840

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/484467/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1019005

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/4040

Scores

EPSS 0.0060

EPSS Percentile 69.0%

Classification

CWE

CWE-200

Status draft

Affected Products (4)

bea/aqualogic_interaction

Timeline

Published Dec 01, 2007

Tracked Since Feb 18, 2026