9.3

CVE-2010-1326

EPSS 0.95%
Veröffentlicht 15.09.2010 18:00:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and execute arbitrary code via a crafted branch name ACL, possibly related to incorrect inheritance.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

March-hare ≫ Cvs Suite Version2.5.03

March-hare ≫ Cvs Suite Version2008

March-hare ≫ Cvs Suite Version2009 Updatepre-release

March-hare ≫ Cvsnt Version2.0.58

March-hare ≫ Cvsnt Version2.5.01

March-hare ≫ Cvsnt Version2.5.02

March-hare ≫ Cvsnt Version2.5.03

March-hare ≫ Cvsnt Version2.5.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.95%	0.76

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593884

http://customer.march-hare.com/webtools/bugzilla/attachment.cgi?tt=1&id=1790&action=view

http://march-hare.com/cvspro/vuln.htm

Vendor Advisory

http://secunia.com/advisories/41345

Vendor Advisory

http://secunia.com/advisories/41358

Vendor Advisory

http://www.debian.org/security/2010/dsa-2108

http://www.vupen.com/english/advisories/2010/2350

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2010-1326

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-1326

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-1326

EUVD