← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2013-7448

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2013-7448
1
 
Candidate: CVE-2013-7448
2
 
PublicDate: 2016-02-23
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7448
5
 
 https://github.com/OpenedHand/didiwiki/pull/1/files
6
 
 http://www.openwall.com/lists/oss-security/2016/02/19/4
7
 
Description:
8
 
 Directory traversal vulnerability in wiki.c in didiwiki allows remote
9
 
 attackers to read arbitrary files via the page parameter to api/page/get.
10
 
Ubuntu-Description:
11
 
Notes:
12
 
Bugs:
13
 
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815111
14
 
Priority: medium
15
 
Discovered-by: Alexander Izmailov
16
 
Assigned-to:
17
 
 
18
 
Patches_didiwiki:
19
 
 upstream: https://github.com/OpenedHand/didiwiki/pull/1/files
20
 
upstream_didiwiki: released (0.5-12)
21
 
precise_didiwiki: released (0.5-9+deb6u1build0.12.04.1)
22
 
trusty_didiwiki: released (0.5-11+deb8u1build0.14.04.1)
23
 
vivid/stable-phone-overlay_didiwiki: DNE
24
 
vivid/ubuntu-core_didiwiki: DNE
25
 
wily_didiwiki: released (0.5-11+deb8u1build0.15.10.1)
26
 
devel_didiwiki: not-affected (0.5-12)