1. CVE-Search
  2. CVE-2009-3619
ID CVE-2009-3619
Summary Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 has unknown impact and remote attack vectors related to "printing illegal parameter names and values."
References
Vulnerable Configurations
  • cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:viewvc:viewvc:1.1.1:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 13-08-2018 - 21:47)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
confirm http://viewvc.tigris.org/source/browse/*checkout*/viewvc/tags/1.1.2/CHANGES?revision=2235&pathrev=HEAD
fedora
  • FEDORA-2009-8501
  • FEDORA-2009-8507
mlist [oss-security] 20091016 Re: viewvc: CVE request: XSS and illegal characters while printing name-value pairs
secunia
  • 36292
  • 36311
suse SUSE-SR:2009:017
vupen ADV-2009-2257
Last major update 13-08-2018 - 21:47
Published 10-11-2009 - 02:30
Last modified 13-08-2018 - 21:47
Back to Top