Authorization Bypass in ViewVC Query Interface
CVE-2010-0005

Currently unrated

Key Information:

Vendor

Viewvc

Status
Viewvc
Vendor
CVE Published:
29 January 2010

What is CVE-2010-0005?

A flaw in the query.py file of the ViewVC query interface prior to version 1.1.3 allows unauthorized users to bypass established access controls by specifying an unsupported authorizer for a root. This can lead to exposure of sensitive information or unauthorized data manipulation by remote attackers, who may exploit this misconfiguration.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANG...
x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2...
vendor-advisoryx_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2010/01/13/5
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.