Lucene search

Ubuntu.comUB:CVE-2005-4851

HistoryDec 31, 2005 - 12:00 a.m.

CVE-2005-4851

2005-12-3100:00:00

ubuntu.com

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

36.2%

JSON

eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on
the node level, which allows remote authenticated users to bypass the
original permissions on embedded objects in XML fields and read these
objects.

References

launchpad.net/bugs/cve/CVE-2005-4851

nvd.nist.gov/vuln/detail/CVE-2005-4851

security-tracker.debian.org/tracker/CVE-2005-4851

www.cve.org/CVERecord?id=CVE-2005-4851

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

36.2%

JSON

Related for UB:CVE-2005-4851