Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6383

Overview

Vulnerability Score 5.5 5.5
CVE Id CVE-2007-6383
Last Modified 07 Mar 2011 10:02:35
Published 14 Dec 2007 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-6383

Summary

The DAV component in Chandler Server (Cosmo) before 0.10.1 does not check resource creation permissions, which allows remote authenticated users to create arbitrary resources in another user's home collection.

Vulnerable Systems

Application

  • Chandler Project Chandler Server 0.10


References

MISC - https://bugzilla.osafoundation.org/show_bug.cgi?id=11587

VUPEN - ADV-2007-4214

OSVDB - 44152

MLIST - [cosmo-dev] 20071207 Chandler Server (Cosmo) 0.10.1 released


Last Updated: 27 May 2016 10:46:28