Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-0005HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-0005
2022-10-0316:21:11
Debian Security Bug Tracker
security-tracker.debian.org
15
viewvc
query interface
vulnerability
remote attackers
access restrictions
unix
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.013
Percentile
86.4%
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | viewvc | < 1.1.5-1 | viewvc_1.1.5-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2010-01-29 18:30:00
cve
cve
CVE-2010-0005
2010-01-29 18:30:01
cvelist
cvelist
CVE-2010-0005
2010-01-29 18:00:00
nvd
nvd
CVE-2010-0005
2010-01-29 18:30:01
ubuntucve
ubuntucve
CVE-2010-0005
2010-01-29 00:00:00
openvas
openvas
ViewVC < 1.1.3 Multiple Remote Vulnerabilities
2010-01-04 00:00:00
ViewVC Versions Prior to 1.1.3 Multiple Remote Vulnerabilities
2010-01-04 00:00:00
SuSE Update for acroread SUSE-SA:2010:008
2010-01-29 00:00:00
nessus
nessus
Fedora 11 : viewvc-1.1.3-1.fc11 (2009-13634)
2009-12-29 00:00:00
openSUSE Security Update : viewvc (viewvc-1859)
2010-01-27 00:00:00
Fedora 12 : viewvc-1.1.3-1.fc12 (2009-13610)
2009-12-29 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.013
Percentile
86.4%
Related for DEBIANCVE:CVE-2010-0005