CVE-2007-2448

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
Configurations

Configuration 1 (hide)

cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-06-14 23:30

Updated : 2024-02-28 11:01


NVD link : CVE-2007-2448

Mitre link : CVE-2007-2448

CVE.ORG link : CVE-2007-2448


JSON object : View

Products Affected

subversion

  • subversion