CVE-2010-0004

Published: Jan 29, 2010

Modified: Sep 16, 2024

PUBLISHED

Description

ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r1=2242&r2=2313&pathrev=HEAD

x_refsource_CONFIRM

FEDORA-2009-13610

vendor-advisory

x_refsource_FEDORA

[oss-security] 20100113 Re: CVE Request: viewvc

mailing-list

x_refsource_MLIST

FEDORA-2009-13634

vendor-advisory

x_refsource_FEDORA

[oss-security] 20100111 CVE Request: viewvc

mailing-list

x_refsource_MLIST

http://viewvc.tigris.org/source/browse/%2Acheckout%2A/viewvc/trunk/docs/release-notes/1.1.0.html?revision=2222

x_refsource_CONFIRM

[oss-security] 20100114 Re: CVE Request: viewvc

mailing-list

x_refsource_MLIST

SUSE-SA:2010:008

vendor-advisory

x_refsource_SUSE

http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2300

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-0004

Description

Affected Products

References