Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2563-1
HistoryOct 23, 2012 - 12:00 a.m.

viewvc - several

2012-10-2300:00:00
Google
osv.dev
9

EPSS

0.019

Percentile

88.7%

JSON

Several vulnerabilities were found in ViewVC, a web interface for CVS
and Subversion repositories.

Remote attackers can bypass the cvsdb row_limit
configuration setting, and consequently conduct resource-consumption
attacks via the limit parameter.

The remote Subversion views functionality does not properly
perform authorization, which allows remote attackers to bypass intended
access restrictions.

The Subversion revision view does not properly handle log
messages when a readable path is copied from an unreadable path, which
allows remote attackers to obtain sensitive information.

function name lines returned by diff are not properly
escaped, allowing attackers with commit access to perform cross site
scripting.

For the stable distribution (squeeze), these problems have been fixed in
version 1.1.5-1.1+squeeze2.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 1.1.5-1.4.

We recommend that you upgrade your viewvc packages.

Related

securityvulns 2
openvas 14
debian 1
nessus 13
fedora 8
osv 1
cvelist 4
prion 4
cve 4
nvd 4
ubuntucve 4
debiancve 4
securityvulns
securityvulns
[SECURITY] [DSA 2563-1] viewvc security update
2012-10-29 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-10-29 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2563-1)
2012-10-29 00:00:00
Debian Security Advisory DSA 2563-1 (viewvc)
2012-10-29 00:00:00
Fedora Update for viewvc FEDORA-2012-9433
2012-08-30 00:00:00
debian
debian
[SECURITY] [DSA 2563-1] viewvc security update
2012-10-23 16:59:24
nessus
nessus
Debian DSA-2563-1 : viewvc - several vulnerabilities
2012-10-24 00:00:00
Mandriva Linux Security Advisory : viewvc (MDVSA-2013:134)
2013-04-20 00:00:00
openSUSE Security Update : viewvc (openSUSE-SU-2012:0831-1)
2014-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: viewvc-1.1.15-1.fc16
2012-07-11 23:58:08
[SECURITY] Fedora 17 Update: viewvc-1.1.15-1.fc17
2012-07-11 23:58:27
[SECURITY] Fedora 17 Update: viewvc-1.1.17-1.fc17
2012-11-06 07:49:59
osv
osv
viewvc-1.1.24-2.1 on GA media
2024-06-15 00:00:00
cvelist
cvelist
CVE-2012-3356
2012-07-22 16:00:00
CVE-2012-4533
2012-11-19 00:00:00
CVE-2012-3357
2012-07-22 16:00:00
prion
prion
Cross site scripting
2012-11-19 00:55:00
Authorization
2012-07-22 16:55:00
Path traversal
2012-07-22 16:55:00
cve
cve
CVE-2012-4533
2012-11-19 00:55:00
CVE-2012-3356
2012-07-22 16:55:39
CVE-2012-3357
2012-07-22 16:55:39
nvd
nvd
CVE-2012-3356
2012-07-22 16:55:39
CVE-2012-4533
2012-11-19 00:55:00
CVE-2012-3357
2012-07-22 16:55:39
ubuntucve
ubuntucve
CVE-2012-3356
2012-07-22 00:00:00
CVE-2012-3357
2012-07-22 00:00:00
CVE-2012-4533
2012-11-19 00:00:00
debiancve
debiancve
CVE-2012-3356
2012-07-22 16:55:39
CVE-2012-4533
2012-11-19 00:55:00
CVE-2012-3357
2012-07-22 16:55:39

EPSS

0.019

Percentile

88.7%

JSON
Related for OSV:DSA-2563-1
securityvulns2openvas14debian1nessus13fedora8osv1cvelist4prion4cve4nvd4ubuntucve4debiancve4