CVE-1999-1418 - Spongiest Document

Description

ICQ99 ICQ web server build 1701 with \Active Homepage\ enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists (\404 Forbidden) versus when a file does not exist (\404 not found).

Reference

http://www.securityfocus.com/archive/1/13508 http://www.securityfocus.com/bid/246