Information Disclosure in ViewVC Affected by Tigris Group
CVE-2008-1292

Currently unrated

Key Information:

Vendor

Viewvc

Status
Viewvc
Vendor
CVE Published:
24 March 2008

What is CVE-2008-1292?

ViewVC versions before 1.0.5 have a vulnerability that allows remote attackers to access sensitive revision metadata without proper authentication checks. This can lead to unauthorized disclosure of forbidden pathnames, log histories, and diff views that should be inaccessible, potentially exposing sensitive project information and compromising system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security.gentoo.org/glsa/glsa-200803-29.xml
vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/29460
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29176
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.