CVE-2008-1292

NONECVSS 0.0

0.0

ViewVC before 1.0.5 provides revision metadata without properly checking whether access was intended, which allows remote attackers to obtain sensitive information by reading (1) forbidden pathnames in the revision view, (2) log history that can only be reached by traversing a forbidden object, or (3) forbidden diff view path parameters.

🔗 References (16)

cve@mitrehttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380
cve@mitrehttp://bugs.gentoo.org/show_bug.cgi?id=212288
cve@mitrehttp://secunia.com/advisories/29176
cve@mitrehttp://secunia.com/advisories/29460
cve@mitrehttp://security.gentoo.org/glsa/glsa-200803-29.xml
cve@mitrehttp://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD
cve@mitrehttp://www.securityfocus.com/bid/28055
cve@mitrehttp://www.vupen.com/english/advisories/2008/0734/references
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471380
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=212288
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29176
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29460
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200803-29.xml
af854a3a-2127-422b-91ae-364da2661108http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28055

Is Your Infrastructure Affected by CVE-2008-1292?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1292

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1292?