Security Issue for Project Directory Information Disclosure Vulnerability Note

Security researcher Alphazorx aka technically.screwed have reported via ZDI that a vulnerability may occur when a specially crafted URL could download certain files in the project directory.

IGX developers have patched the reported vulnerability and released the fix on the following day. The fix has been included in latest Release which can be obained at this link: http://www.integraxor.com/download/beta.msi?4.1.4369. All previous release before build 4369 will have this vulnerability impact. Please download and use this build or any later release to fix this vulnerability. We wish to take this opportunity to remind user to use VPN for any Internet facing system.

Summary of Event

07-Nov-2013: ICS CERT contacted IntegraXor support team.
08-Nov-2013: Technical report for the vulnerability is received.
08-Nov-2013: Security fixed is issued for validation & general download.
05-Dec-2013: ICS CERT proposed to proceed without researcher validation.
20-Dec-2013: Public announcement is made by IntegraXor support team.

Security Issue for Project Directory Information Disclosure Vulnerability Note

Security Issue for Project Directory Information Disclosure Vulnerability Note

Summary of Event

ECAVA INTEGRAXOR

WHY ECAVA IGX?

Online DEMO

DOWNLOAD

BUY

SUPPORT

JOIN US

SUCCESS STORIES

EMAIL US

ABOUT

CALL US

(c) 2020 ecava