[ MDVSA-2015:167 ] glpi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:167 http://www.mandriva.com/en/support/security/ Package : glpi Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated glpi package fixes security vulnerabilities: Due to a bug in...

CVE-2014-5032

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar...

CVE-2014-5032

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar...

UBUNTU-CVE-2014-5032

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar...

CVE-2014-5032

GLPI

CVE-2014-5032

GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar...

Mandriva Linux Security Advisory : glpi (MDVSA-2015:167)

Updated glpi package fixes security vulnerabilities : Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria CVE-2014-5032. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included...

MGASA-2015-0017 Updated glpi package fixes security vulnerabilities

Updated glpi package fixes security vulnerabilities: Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria CVE-2014-5032. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included ...