Home > Vulnerability Database > CVE-2009-4762

Mend.io Vulnerability Database

CVE-2009-4762

Good to know:

Date: March 29, 2010

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.

Language: Python

Severity Score

7.3

Related Resources (12)

Url: http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2

Url: http://www.securityfocus.com/bid/35277

Url: http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2

Url: http://moinmo.in/SecurityFixes

Url: http://ubuntu.com/usn/usn-941-1

Url: http://www.debian.org/security/2010/dsa-2014

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4762

Url: http://www.vupen.com/english/advisories/2010/1208

Url: http://www.vupen.com/english/advisories/2010/0600

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-4762

Url: http://secunia.com/advisories/39887

Url: https://www.mend.io/vulnerability-database/CVE-2009-4762

Severity Score

7.3

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

Top Fix

Upgrade Version

Upgrade to version 1.9.3

Learn More

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-4762

Good to know:

Date: March 29, 2010

Language: Python

Severity Score

Related Resources (12)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?