1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
PublicDate: 2005-12-31
Candidate: CVE-2005-4853
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4853
Description:
The default configuration of the forum package in eZ publish 3.5 before
3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does
not restrict edit permissions to a posting's owner, which allows remote
authenticated users to edit arbitrary postings.
Ubuntu-Description:
Notes:
Bugs:
#sid_PKG:
#dapper_PKG:
#edgy_PKG:
#feisty_PKG:
#devel_PKG:
dapper_ezpublish: ignored (reached end-of-life)
edgy_ezpublish: needed (reached end-of-life)
feisty_ezpublish: needed (reached end-of-life)
gutsy_ezpublish: needed (reached end-of-life)
hardy_ezpublish: DNE
intrepid_ezpublish: DNE
jaunty_ezpublish: DNE
karmic_ezpublish: DNE
devel_ezpublish: DNE
upstream_ezpublish:
|