2
Candidate: CVE-2006-6574
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6574
6
Mantis before 1.1.0a2 does not implement per-item access control for Issue
7
History (Bug History), which allows remote attackers to obtain sensitive
8
information by reading the Change column, as demonstrated by the Change
9
column of a custom field.
13
https://bugs.launchpad.net/bugs/185021
15
vendor: http://www.debian.org/security/2008/dsa-1467
16
dapper_mantis: ignored (reached end-of-life)
17
edgy_mantis: needed (reached end-of-life)
19
gutsy_mantis: needed (reached end-of-life)
20
hardy_mantis: not-affected
21
intrepid_mantis: not-affected
22
jaunty_mantis: not-affected
23
karmic_mantis: not-affected
24
devel_mantis: not-affected
25
upstream_mantis: released (1.1.0a2)