Lucene search

Ubuntu.comUB:CVE-2006-7218

HistoryJul 06, 2007 - 12:00 a.m.

CVE-2006-7218

2007-07-0600:00:00

ubuntu.com

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

47.8%

JSON

eZ publish before 3.8.1 does not properly enforce permissions for “content
edit Language” when there are four or more languages, which allows remote
authenticated users to perform translations into languages that are not
listed in a Module Function Limitation policy.

References

launchpad.net/bugs/cve/CVE-2006-7218

nvd.nist.gov/vuln/detail/CVE-2006-7218

security-tracker.debian.org/tracker/CVE-2006-7218

www.cve.org/CVERecord?id=CVE-2006-7218

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

47.8%

JSON

Related for UB:CVE-2006-7218