Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2007-1406
cve-2007-1406
trac
content-disposition
http header
attachment
remote attack vectors
nvd
6.5 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
58.1%
Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain “unsafe” situations, which has unknown impact and remote attack vectors.
Affected configurations
Node
edgewall_softwaretracMatch0.10
ORedgewall_softwaretracMatch0.10.1
ORedgewall_softwaretracMatch0.10.2
ORedgewall_softwaretracMatch0.10.3
References
Related
github
github
Trac missing Content-Disposition HTTP header
2022-05-01 17:53:20
ubuntucve
ubuntucve
CVE-2007-1406
2007-03-10 00:00:00
osv
osv
PYSEC-2007-3
2007-03-10 22:19:00
debiancve
debiancve
CVE-2007-1406
2022-10-03 16:14:23
nvd
nvd
CVE-2007-1406
2007-03-10 22:19:00
prion
prion
Design/Logic Flaw
2007-03-10 22:19:00
cvelist
cvelist
CVE-2007-1406
2022-10-03 16:14:23
securityvulns
securityvulns
Trac content displaying vulnerability
2007-03-12 00:00:00
6.5 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
58.1%
Related for CVE-2007-1406