6
CVE-2012-4404
- EPSS 2.09%
- Veröffentlicht 10.09.2012 22:55:05
- Zuletzt bearbeitet 16.06.2026 23:44:57
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.09% | 0.792 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/50885
http://www.ubuntu.com/usn/USN-1604-1
http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16
http://secunia.com/advisories/50474
http://secunia.com/advisories/50496
http://www.debian.org/security/2012/dsa-2538
http://www.openwall.com/lists/oss-security/2012/09/04/4
http://www.openwall.com/lists/oss-security/2012/09/05/2