The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log msg leak."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/83227 - | |
References | () http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2758 - | |
References | () http://www.debian.org/security/2012/dsa-2563 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2013:134 - | |
References | () http://www.openwall.com/lists/oss-security/2012/06/25/8 - | |
References | () http://www.securityfocus.com/bid/54199 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/76615 - | |
References | () https://lwn.net/Articles/505096/ - | |
References | () https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0175 - |
Information
Published : 2012-07-22 16:55
Updated : 2024-11-21 01:40
NVD link : CVE-2012-3357
Mitre link : CVE-2012-3357
CVE.ORG link : CVE-2012-3357
JSON object : View
Products Affected
viewvc
- viewvc
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor