Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4854

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4854
Last Modified 28 Jul 2015 10:55:23
Published 31 Dec 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4854

Summary

eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.

Vulnerable Systems

Application

  • Ez Publish 3.5.0

  • Ez Publish 3.5.1

  • Ez Publish 3.5.10

  • Ez Publish 3.5.11

  • Ez Publish 3.5.2

  • Ez Publish 3.5.3

  • Ez Publish 3.5.4

  • Ez Publish 3.5.5

  • Ez Publish 3.5.6

  • Ez Publish 3.5.7

  • Ez Publish 3.5.8

  • Ez Publish 3.5.9

  • Ez Publish 3.6.0

  • Ez Publish 3.6.1

  • Ez Publish 3.6.10

  • Ez Publish 3.6.11

  • Ez Publish 3.6.12

  • Ez Publish 3.6.2

  • Ez Publish 3.6.3

  • Ez Publish 3.6.4

  • Ez Publish 3.6.5

  • Ez Publish 3.6.6

  • Ez Publish 3.6.7

  • Ez Publish 3.6.8

  • Ez Publish 3.6.9

  • Ez Publish 3.7.0

  • Ez Publish 3.7.1

  • Ez Publish 3.7.10

  • Ez Publish 3.7.11

  • Ez Publish 3.7.12

  • Ez Publish 3.7.2

  • Ez Publish 3.7.3

  • Ez Publish 3.7.4

  • Ez Publish 3.7.5

  • Ez Publish 3.7.6

  • Ez Publish 3.7.7

  • Ez Publish 3.7.8

  • Ez Publish 3.7.9


References

CONFIRM - http://issues.ez.no/6355

CONFIRM - http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0


Last Updated: 27 May 2016 11:09:26