Lucene search
K

370 matches found

Tenable Nessus
Tenable Nessus
added 2008/03/04 12:0 a.m.13 views

Fedora 7 : viewvc-1.0.5-1.fc7 (2008-2143)

These security issues have been fixed: - omit commits of all-forbidden files from query results - disallow direct URL navigation to hidden CVSROOT folder - strip forbidden paths from revision view - don't traverse log history thru forbidden locations - honor forbiddenness via diff view path...

5.5AI score
Exploits0References2
Fedora
Fedora
added 2008/03/01 9:27 a.m.15 views

[SECURITY] Fedora 8 Update: viewvc-1.0.5-1.fc8

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

1.5AI score
Exploits0
Fedora
Fedora
added 2008/03/01 9:26 a.m.10 views

[SECURITY] Fedora 7 Update: viewvc-1.0.5-1.fc7

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2007/03/28 12:0 a.m.50 views

Update: ViewCVS and ViewVC 'checkout view' content type fixation issue

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi! Moritz Naumann wrote: This does not impact how much the rest of my report applies. My findings are now being discussed on the ViewVC developers mailing list 1. They apparently also impact ViewVC. Whether and to which degree what I am reporting c...

0.1AI score
Exploits0
NVD
NVD
added 2006/10/21 12:7 a.m.16 views

CVE-2006-5442

ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting XSS attacks that inject arbitrary UTF-7 encoded JavaScript code via a view...

6.8CVSS5.7AI score0.01525EPSS
Exploits0References8
OSV
OSV
added 2006/10/21 12:7 a.m.7 views

CVE-2006-5442

ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting XSS attacks that inject arbitrary UTF-7 encoded JavaScript code via a view...

5.9AI score
Exploits0References8
CVE
CVE
added 2006/10/21 12:0 a.m.49 views

CVE-2006-5442

ViewVC 1.0.2 and earlier is affected by a cross-site scripting (XSS) vulnerability caused by not specifying a charset in HTTP headers or HTML documents. This allows remote attackers to inject arbitrary UTF-7 encoded JavaScript via a view. The affected software is ViewVC, version 1.0.2 and earlier...

6.8CVSS5.7AI score0.01525EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/10/21 12:0 a.m.22 views

CVE-2006-5442

ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting XSS attacks that inject arbitrary UTF-7 encoded JavaScript code via a view...

5.7AI score0.01525EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2006/10/21 12:0 a.m.15 views

CVE-2006-5442

Removed by vendor...

6.8CVSS7AI score0.01525EPSS
Exploits0
securityvulns
securityvulns
added 2006/10/15 12:0 a.m.48 views

[Full-disclosure] Advisory 10/2006: ViewVC Undefined Charset UTF-7 XSS Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Happy Python Hackers Project www.hardened-php.net -= Security Advisory =- Advisory: ViewVC Undefined Charset UTF-7 XSS Vulnerability Release Date: 2006/10/15 Last Modified: 2006/10/15 Author: Stefan Esser [email protected] Application: ViewVC =...

0.5AI score
Exploits0
Rows per page
Query Builder