Lucene search
Ubuntu.comUB:CVE-2012-2692HistoryJun 17, 2012 - 12:00 a.m.
CVE-2012-2692
2012-06-1700:00:00
ubuntu.com
ubuntu.com
10
0.003 Low
EPSS
Percentile
71.6%
MantisBT before 1.2.11 does not check the delete_attachments_threshold
permission when form_security_validation is set to OFF, which allows remote
authenticated users with certain privileges to bypass intended access
restrictions and delete arbitrary attachments.
Bugs
References
www.mantisbt.org/bugs/changelog_page.php?version_id=148
www.mantisbt.org/bugs/view.php?id=14016
www.openwall.com/lists/oss-security/2012/06/09/1
www.openwall.com/lists/oss-security/2012/06/11/6
github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c
launchpad.net/bugs/cve/CVE-2012-2692
nvd.nist.gov/vuln/detail/CVE-2012-2692
security-tracker.debian.org/tracker/CVE-2012-2692
www.cve.org/CVERecord?id=CVE-2012-2692
Related
cvelist
cvelist
CVE-2012-2692
2012-06-17 01:00:00
cve
cve
CVE-2012-2692
2012-06-17 03:41:00
prion
prion
Design/Logic Flaw
2012-06-17 03:41:00
freebsd
freebsd
mantis -- multiple vulnerabilities
2012-06-09 00:00:00
openvas
openvas
FreeBSD Ports: mantis
2012-08-10 00:00:00
FreeBSD Ports: mantis
2012-08-10 00:00:00
Debian Security Advisory DSA 2500-1 (mantis)
2012-08-10 00:00:00
nessus
nessus
FreeBSD : mantis -- multiple vulnerabilities (55587adb-b49d-11e1-8df1-0004aca374af)
2012-06-13 00:00:00
Debian DSA-2500-1 : mantis - several vulnerabilities
2012-06-29 00:00:00
Fedora 16 : mantis-1.2.12-1.fc16 (2012-18299)
2012-11-26 00:00:00
debian
debian
[SECURITY] [DSA 2500-1] mantis security update
2012-06-24 12:12:54
osv
osv
mantis - several
2012-06-24 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: mantis-1.2.12-1.fc18
2012-11-23 07:56:23
[SECURITY] Fedora 16 Update: mantis-1.2.12-1.fc16
2012-11-24 03:24:38
[SECURITY] Fedora 17 Update: mantis-1.2.12-1.fc17
2012-11-24 03:25:38
gentoo
gentoo
MantisBT: Multiple vulnerabilities
2012-11-08 00:00:00