Lucene search
Ubuntu.comUB:CVE-2012-1120HistoryJun 29, 2012 - 12:00 a.m.
CVE-2012-1120
2012-06-2900:00:00
ubuntu.com
ubuntu.com
9
3.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
60.1%
The SOAP API in MantisBT before 1.2.9 does not properly enforce the
bugnote_allow_user_edit_delete and delete_bug_threshold permissions, which
allows remote authenticated users with read and write SOAP API privileges
to delete arbitrary bug reports and bug notes.
Bugs
Related
cve
cve
CVE-2012-1120
2012-06-29 19:55:02
cvelist
cvelist
CVE-2012-1120
2012-06-29 19:00:00
prion
prion
Code injection
2012-06-29 19:55:00
nvd
nvd
CVE-2012-1120
2012-06-29 19:55:02
debian
debian
[SECURITY] [DSA 2500-1] mantis security update
2012-06-24 12:12:36
openvas
openvas
Debian: Security Advisory (DSA-2500-1)
2012-08-10 00:00:00
Debian Security Advisory DSA 2500-1 (mantis)
2012-08-10 00:00:00
Fedora Update for mantis FEDORA-2012-18294
2012-11-26 00:00:00
osv
osv
mantis - several
2012-06-24 00:00:00
nessus
nessus
Debian DSA-2500-1 : mantis - several vulnerabilities
2012-06-29 00:00:00
Fedora 18 : mantis-1.2.12-1.fc18 (2012-18273)
2012-11-26 00:00:00
Fedora 17 : mantis-1.2.12-1.fc17 (2012-18294)
2012-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: mantis-1.2.12-1.fc18
2012-11-23 07:56:23
[SECURITY] Fedora 16 Update: mantis-1.2.12-1.fc16
2012-11-24 03:24:38
[SECURITY] Fedora 17 Update: mantis-1.2.14-1.fc17
2013-04-01 03:32:44
gentoo
gentoo
MantisBT: Multiple vulnerabilities
2012-11-08 00:00:00
3.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
60.1%
Related for UB:CVE-2012-1120