Notified:  September 18, 2003 Updated: October 09, 2003

Status

Affected

Vendor Statement

CyberDOCS - Potential to Reveal CyberDOCS Web Server Installation Path in Error Message Problem: In CyberDOCS (versions 3.5.1, 3.9, and 4.0), it is possible to display the DM Web Server installation path in certain error messages when incorrect logon credentials are entered. Resolution: This issue is resolved in CyberDOCS 4.0 Patch 4, which can be downloaded from Hummingbird's website at the following location: Reference: SD017066

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.