← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2009-3580

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
active/CVE-2009-3580
1
 
Candidate: CVE-2009-3580
2
 
PublicDate: 2009-12-23
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3580
5
 
Description:
6
 
 Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger
7
 
 2.8.24 allows remote attackers to hijack the authentication of arbitrary
8
 
 users for requests that change a password via the login, new_password, and
9
 
 confirm_password parameters in a preferences action.
10
 
Ubuntu-Description:
11
 
Notes:
12
 
Bugs:
13
 
Priority: medium
14
 
Discovered-by:
15
 
Assigned-to:
16
 
 
17
 
Patches_sql-ledger:
18
 
upstream_sql-ledger: needed
19
 
dapper_sql-ledger: ignored (reached end-of-life)
20
 
hardy_sql-ledger: ignored (reached end-of-life)
21
 
intrepid_sql-ledger: needed (reached end-of-life)
22
 
jaunty_sql-ledger: ignored (reached end-of-life)
23
 
karmic_sql-ledger: ignored (reached end-of-life)
24
 
lucid_sql-ledger: ignored (reached end-of-life)
25
 
maverick_sql-ledger: ignored (reached end-of-life)
26
 
natty_sql-ledger: ignored (reached end-of-life)
27
 
oneiric_sql-ledger: ignored (reached end-of-life)
28
 
precise_sql-ledger: ignored (reached end-of-life)
29
 
precise/esm_sql-ledger: DNE (precise was needed)
30
 
quantal_sql-ledger: ignored (reached end-of-life)
31
 
raring_sql-ledger: ignored (reached end-of-life)
32
 
saucy_sql-ledger: ignored (reached end-of-life)
33
 
trusty_sql-ledger: needed
34
 
utopic_sql-ledger: ignored (reached end-of-life)
35
 
vivid_sql-ledger: ignored (reached end-of-life)
36
 
vivid/stable-phone-overlay_sql-ledger: DNE
37
 
vivid/ubuntu-core_sql-ledger: DNE
38
 
wily_sql-ledger: ignored (reached end-of-life)
39
 
xenial_sql-ledger: needed
40
 
yakkety_sql-ledger: ignored (reached end-of-life)
41
 
zesty_sql-ledger: ignored (reached end-of-life)
42
 
artful_sql-ledger: DNE
43
 
bionic_sql-ledger: DNE
44
 
devel_sql-ledger: DNE