2.1

CVE-2007-2448

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SubversionSubversion Version <= 1.4.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.53% 0.714
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:N/AC:H/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/36070
http://secunia.com/advisories/43139
http://securitytracker.com/id?1018237
Patch
http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt
http://www.securityfocus.com/bid/24463
Patch
http://www.ubuntu.com/usn/USN-1053-1
http://www.vupen.com/english/advisories/2007/2230
http://www.vupen.com/english/advisories/2011/0264
https://issues.rpath.com/browse/RPL-1896