Information Disclosure Vulnerability in ViewVC by Tigris.org
CVE-2012-3357

Currently unrated

Key Information:

Vendor

Viewvc

Status
Viewvc
Vendor
CVE Published:
22 July 2012

What is CVE-2012-3357?

The SVN revision view component in ViewVC prior to version 1.1.15 is susceptible to an information disclosure vulnerability. This flaw occurs when the system fails to handle log messages properly during the processing of paths that have differing read permissions. Consequently, this oversight allows unauthenticated remote attackers to exploit the system, potentially leading to the leakage of sensitive log messages from readable paths upon copying them from unreadable ones. Such a vulnerability could have serious implications for user privacy and the integrity of sensitive data managed within the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2012/06/25/8
mailing-listx_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/76615
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/54199
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.