2.1
CVE-2007-2448
- EPSS 1.53%
- Veröffentlicht 14.06.2007 23:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:37
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Subversion ≫ Subversion Version <= 1.4.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.53% | 0.714 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:N/AC:H/Au:S/C:P/I:N/A:N
|
http://osvdb.org/36070
http://secunia.com/advisories/43139
http://securitytracker.com/id?1018237
http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt
http://www.securityfocus.com/bid/24463
http://www.ubuntu.com/usn/USN-1053-1
http://www.vupen.com/english/advisories/2007/2230
http://www.vupen.com/english/advisories/2011/0264
https://issues.rpath.com/browse/RPL-1896