CVE-2010-0005

Published: Jan 29, 2010

Modified: Sep 16, 2024

PUBLISHED

Description

query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?r1=2242&r2=2313&pathrev=HEAD

x_refsource_CONFIRM

FEDORA-2009-13610

vendor-advisory

x_refsource_FEDORA

[oss-security] 20100113 Re: CVE Request: viewvc

mailing-list

x_refsource_MLIST

FEDORA-2009-13634

vendor-advisory

x_refsource_FEDORA

[oss-security] 20100111 CVE Request: viewvc

mailing-list

x_refsource_MLIST

SUSE-SA:2010:008

vendor-advisory

x_refsource_SUSE

http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2300

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-0005

Description

Affected Products

References