CVE-2004-1223 - Synchronous Weight

Description

The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information such as the absolute path for the web server via an HTTP request to fsmsh.dll without any parameters.

Reference

http://www.securityfocus.com/bid/11869 http://www.oliverkarow.de/research/f-secure.txt http://marc.info/?l=bugtraq&m=110262921306862&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18413 fsecure-url-obtain-information(18413)