Lucene search
RootSSV:60020HistoryMar 30, 2012 - 12:00 a.m.
Python 'trytond'模块'Many2Many'字段安全限制绕过漏洞
2012-03-3000:00:00
Root
www.seebug.org
11
0.006 Low
EPSS
Percentile
75.0%
BUGTRAQ ID: 52804
CVE ID: CVE-2012-0215
Python是一种面向对象、直译式计算机程序设计语言,也是一种功能强大的通用型语言。
Python在trytond模块验证访问关系模型中的"Many2Many"字段的权限时,在实现上存在安全漏洞,可被利用添加用户到其他组并获取其他权限。
0
Debian Linux 6.0 x
Python trytond 2.2.1
厂商补丁:
Python
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
nessus
nessus
Fedora 16 : trytond-2.0.4-1.fc16 (2012-4963)
2012-04-09 00:00:00
Fedora 17 : trytond-2.2.2-1.fc17 (2012-4923)
2012-04-12 00:00:00
Debian DSA-2444-1 : tryton-server - privilege escalation
2012-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: trytond-1.8.6-1.fc15
2012-04-08 03:32:36
[SECURITY] Fedora 17 Update: trytond-2.2.2-1.fc17
2012-04-12 03:33:05
[SECURITY] Fedora 16 Update: trytond-2.0.4-1.fc16
2012-04-08 03:29:12
osv
osv
PYSEC-2012-6
2012-07-12 20:55:00
Trytond allows modification of privileges of arbitrary users
2022-05-04 00:28:50
openvas
openvas
Fedora Update for trytond FEDORA-2012-4988
2012-04-11 00:00:00
Debian Security Advisory DSA 2444-1 (tryton-server)
2012-04-30 00:00:00
Debian: Security Advisory (DSA-2444-1)
2012-04-30 00:00:00
ubuntucve
ubuntucve
CVE-2012-0215
2012-07-12 00:00:00
prion
prion
Code injection
2012-07-12 20:55:00
securityvulns
securityvulns
[SECURITY] [DSA 2444-1] tryton-server security update
2012-04-09 00:00:00
debiancve
debiancve
CVE-2012-0215
2012-07-12 20:55:00
debian
debian
[SECURITY] [DSA 2444-1] tryton-server security update
2012-03-29 06:06:23
cve
cve
CVE-2012-0215
2012-07-12 20:55:00
github
github
Trytond allows modification of privileges of arbitrary users
2022-05-04 00:28:50