NVD

Id
44954  
Name
CVE-2012-3357  
Description
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers to obtain sensitive information, related to a "log msg leak."  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2012-07-22  
Modified Date
2014-02-11  
Seq
2012-3357  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
225222 44954 CVE-2012-3357 http://viewvc.tigris.org/source/browse/viewvc?view=rev&revision=2758  View
225223 44954 CVE-2012-3357 DSA-2563  View
225224 44954 CVE-2012-3357 MDVSA-2013:134  View
225225 44954 CVE-2012-3357 [oss-security] 20120625 Re: CVE Request: viewvc  View
225226 44954 CVE-2012-3357 54199  View
225227 44954 CVE-2012-3357 viewvc-svnra-info-disclosure(76615)  View
225228 44954 CVE-2012-3357 openSUSE-SU-2012:0831  View
225229 44954 CVE-2012-3357 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0175  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27561 JVNDB-2012-003268 ViewVC の SVN のリビジョン表示における重要な情報を取得される脆弱性 ViewVC の SVN のリビジョン表示 (lib/vclib/svn/svn_repos.py) は、読み取り可能なパスが読み取り不可のパスからコピーされる場合、ログメッセージを適切に処理しないため、重要な情報を取得される脆弱性が存在します。 CVE-2012-3357 56595 CVE-2012-3357 44954 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003268.html 2012-06-15 2012-11-26 View