VYPR
Unrated severityNVD Advisory· Published Jun 14, 2004· Updated Jun 16, 2026

CVE-2004-0050

CVE-2004-0050

Description

Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Verity/Ultraseek2 versions
    cpe:2.3:a:verity:ultraseek:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:verity:ultraseek:*:*:*:*:*:*:*:*range: <=5.2.1
    • (no CPE)range: <5.2.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.