Phase:Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
ReferencesBUGTRAQ:Tuesday, August 24, 1999 Front Page form_results | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=93582550911564&w=2
Votes:Proposed (Wednesday, September 12, 2001)
Comments: ACCEPT(1) Wall | MODIFY(1) Frech | NOOP(2) Foat, Cole
F7: Frech> XF:frontpage-formresults-world-readable(8362)