CVE-2005-4850

Опубликовано: 31 дек. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.

Ссылки

http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0
Patch
Vendor Advisory
http://issues.ez.no/6680
Broken Link
http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0
Patch
Vendor Advisory
http://issues.ez.no/6680
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ez:ez_publish:*:*:*:*:*:*:*:*

Версия от 3.5.0 (включая) до 3.7 (включая)

EPSS

Процентиль: 42%

0.00201

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2005-4850

ubuntu

больше 19 лет назад

eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.

CVE-2005-4850

debian

больше 19 лет назад

eZ publish 3.5 through 3.7 before 20050608 requires both edit and crea ...

GHSA-jq7c-356h-gj6r

github

больше 3 лет назад

eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.

EPSS

Процентиль: 42%

0.00201

Низкий

5 Medium

CVSS2

Дефекты

CWE-264