Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-0004HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-0004
2022-10-0316:21:11
Debian Security Bug Tracker
security-tracker.debian.org
19
viewvc
listing
vulnerability
root names
authorizer
remote attackers
unix
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
79.5%
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | viewvc | < 1.1.5-1 | viewvc_1.1.5-1_all.deb |
Related
prion
prion
Code injection
2010-01-29 18:30:00
cvelist
cvelist
CVE-2010-0004
2010-01-29 18:00:00
cve
cve
CVE-2010-0004
2010-01-29 18:30:00
ubuntucve
ubuntucve
CVE-2010-0004
2010-01-29 00:00:00
nvd
nvd
CVE-2010-0004
2010-01-29 18:30:00
nessus
nessus
Fedora 11 : viewvc-1.1.3-1.fc11 (2009-13634)
2009-12-29 00:00:00
openSUSE Security Update : viewvc (viewvc-1859)
2010-01-27 00:00:00
Fedora 12 : viewvc-1.1.3-1.fc12 (2009-13610)
2009-12-29 00:00:00
openvas
openvas
ViewVC Versions Prior to 1.1.3 Multiple Remote Vulnerabilities
2010-01-04 00:00:00
ViewVC < 1.1.3 Multiple Remote Vulnerabilities
2010-01-04 00:00:00
SuSE Update for acroread SUSE-SA:2010:008
2010-01-29 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
79.5%
Related for DEBIANCVE:CVE-2010-0004