The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://advisories.mageia.org/MGASA-2015-0085.html - | |
References | () http://secunia.com/advisories/62387 - | |
References | () http://secunia.com/advisories/62442 - | |
References | () http://www.debian.org/security/2015/dsa-3134 - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2015:051 - | |
References | () http://www.openwall.com/lists/oss-security/2015/01/20/4 - | |
References | () http://www.securityfocus.com/bid/72277 - | |
References | () https://www.sympa.org/security_advisories - Patch, Vendor Advisory |
Information
Published : 2015-01-22 15:59
Updated : 2024-11-21 02:25
NVD link : CVE-2015-1306
Mitre link : CVE-2015-1306
CVE.ORG link : CVE-2015-1306
JSON object : View
Products Affected
sympa
- sympa
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor