Lucene search
PRIOn knowledge basePRION:CVE-2012-0215HistoryJul 12, 2012 - 8:55 p.m.
Code injection
2012-07-1220:55:00
PRIOn knowledge base
www.prio-n.com
6
model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call.
Related
nessus
nessus
Fedora 15 : trytond-1.8.6-1.fc15 (2012-4988)
2012-04-09 00:00:00
Debian DSA-2444-1 : tryton-server - privilege escalation
2012-03-30 00:00:00
Fedora 16 : trytond-2.0.4-1.fc16 (2012-4963)
2012-04-09 00:00:00
openvas
openvas
Fedora Update for trytond FEDORA-2012-4963
2012-04-11 00:00:00
Fedora Update for trytond FEDORA-2012-4923
2012-08-30 00:00:00
Fedora Update for trytond FEDORA-2012-4963
2012-04-11 00:00:00
nvd
nvd
CVE-2012-0215
2012-07-12 20:55:09
fedora
fedora
[SECURITY] Fedora 17 Update: trytond-2.2.2-1.fc17
2012-04-12 03:33:05
[SECURITY] Fedora 16 Update: trytond-2.0.4-1.fc16
2012-04-08 03:29:12
[SECURITY] Fedora 15 Update: trytond-1.8.6-1.fc15
2012-04-08 03:32:36
debiancve
debiancve
CVE-2012-0215
2022-10-03 16:15:38
cvelist
cvelist
CVE-2012-0215
2022-10-03 16:15:38
securityvulns
securityvulns
[SECURITY] [DSA 2444-1] tryton-server security update
2012-04-09 00:00:00
ubuntucve
ubuntucve
CVE-2012-0215
2012-07-12 00:00:00
osv
osv
PYSEC-2012-6
2012-07-12 20:55:00
Trytond allows modification of privileges of arbitrary users
2022-05-04 00:28:50
cve
cve
CVE-2012-0215
2022-10-03 16:15:38
debian
debian
[SECURITY] [DSA 2444-1] tryton-server security update
2012-03-29 06:06:23
github
github
Trytond allows modification of privileges of arbitrary users
2022-05-04 00:28:50
seebug
seebug
Python 'trytond'模块'Many2Many'字段安全限制绕过漏洞
2012-03-30 00:00:00