CVE-2009-4762
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.0%
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
Affected configurations
References
hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
moinmo.in/SecurityFixes
secunia.com/advisories/39887
ubuntu.com/usn/usn-941-1
www.debian.org/security/2010/dsa-2014
www.securityfocus.com/bid/35277
www.vupen.com/english/advisories/2010/0600
www.vupen.com/english/advisories/2010/1208
Related
6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.018 Low
EPSS
Percentile
88.0%