Content-Type Misinterpretation in ViewVC Product
CVE-2008-4325

Currently unrated

Key Information:

Vendor

Viewvc

Status
Viewvc
Vendor
CVE Published:
30 September 2008

What is CVE-2008-4325?

A vulnerability exists in the ViewVC 1.0.5 due to improper handling of the content-type parameter within HTTP requests, which can lead to inconsistent Content-Type headers in HTTP responses. This inconsistency may allow remote attackers to manipulate browser interpretation of content, potentially leading to unauthorized access or disclosure of sensitive information. However, exploiting this vulnerability would require attacker access to the targeted repository.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://viewvc.tigris.org/source/browse/viewvc?rev=1978&vi...
x_refsource_CONFIRM
http://viewvc.tigris.org/source/browse/viewvc/trunk/lib/v...
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2008/09/19/4
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.