Vulnerabilities related to subversion - subversion
Vulnerability from fkie_nvd
Published
2007-06-14 23:30
Modified
2024-11-21 00:30
Severity: LOW — CVSS v2 base score 2.1 (AV:N/AC:H/Au:S/C:P/I:N/A:N)
Summary
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
subversion | subversion | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B1D817D-D7D7-44B9-A05F-F674539F9896", "versionEndIncluding": "1.4.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Subversion 1.4.3 and earlier does not properly implement the \"partial access\" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit." }, { "lang": "es", "value": "Subversion 1.4.3 y versiones anteriores no implementa apropiadamente el privilegio \"acceso parcial\" para usuarios que tienen acceso a rutas cambiadas pero no rutas copiadas, lo cual permite a usuarios remotos autenticados obtener informaci\u00f3n confidencial (propiedades de revisi\u00f3n) mediante svn (1) propget, (2) proplist, \u00f3 (3) propedit." 
} ], "id": "CVE-2007-2448", "lastModified": "2024-11-21T00:30:48.907", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-06-14T23:30:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://osvdb.org/36070" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43139" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1018237" }, { "source": "secalert@redhat.com", "url": "http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/24463" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1053-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2230" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0264" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1018237" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/24463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1053-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0264" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1896" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-2448\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.", "lastModified": "2007-06-26T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-07-07 04:00
Modified
2024-11-20 23:48
Severity: HIGH — CVSS v2 base score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Summary
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
subversion | subversion | 1.0 | |
subversion | subversion | 1.0.1 | |
subversion | subversion | 1.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command." }, { "lang": "es", "value": "Desbordamiento basado en la pila durante la conversi\u00f3n de datos apr_time en Subversion 1.0.2 y anteriores permite a atacantes remotos ejecutar c\u00f3digo arbitrairo mediante:\r\n(1) una consulta DAV2 REPORT o\r\n(2) una orden get-dated-rev svn-protocol" } ], "id": "CVE-2004-0397", "lastModified": "2024-11-20T23:48:29.897", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-07-07T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html" }, { "source": "cve@mitre.org", "url": 
"http://marc.info/?l=bugtraq\u0026m=108498676517697\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11642" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11675" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/082004.html" }, { "source": "cve@mitre.org", "url": "http://subversion.tigris.org/svn-sscanf-advisory.txt" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6301" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/363814" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10386" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108498676517697\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/082004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/svn-sscanf-advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6301" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/363814" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16191" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-08-07 19:30
Modified
2024-11-21 01:04
Severity: HIGH — CVSS v2 base score 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Summary
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:*:*:*:*:*:*:*:*", "matchCriteriaId": "0434A631-5531-4C32-B5C5-730CA1890441", "versionEndIncluding": "1.5.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.22.1:*:*:*:*:*:*:*", "matchCriteriaId": "46EA6517-6361-449E-8A50-3E8706A71211", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "473B6660-AED8-4805-A48F-F4A18A4AB94F", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.24.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F087A7F-7D7D-4377-B7CD-FC0775A33568", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "00E49F61-BC1D-4B0F-859F-89C331DA0E39", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.24.2:*:*:*:*:*:*:*", "matchCriteriaId": "D44285DE-6FD7-4B0D-9715-1E6D31FAB6BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.25.0:*:*:*:*:*:*:*", "matchCriteriaId": "0D18EA18-8EB3-4924-B428-A4D329A87C8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.27.0:*:*:*:*:*:*:*", "matchCriteriaId": "48BB82A4-223F-43E3-8EE2-BA6276F51A1A", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.28.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE0D2D18-5141-4070-9390-2027967CBD4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "07F3F14A-AD74-4318-A830-08DED8189E7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.28.2:*:*:*:*:*:*:*", "matchCriteriaId": "56ADDE86-635F-4F24-A320-CBBE076BA182", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.29.0:*:*:*:*:*:*:*", "matchCriteriaId": "56AD9198-B051-4E0E-9B0B-CE99346EFF05", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.30.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"A81E5045-969D-4064-A7DB-9F902D600251", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.31.0:*:*:*:*:*:*:*", "matchCriteriaId": "61B5A517-AAD4-44AE-8B1B-F1BA3F9C21B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.32.0:*:*:*:*:*:*:*", "matchCriteriaId": "5342EE15-7AAD-4666-BEFB-172A7CE5BC96", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.32.1:*:*:*:*:*:*:*", "matchCriteriaId": "71AD1DC9-1BEA-4C81-A4EF-B78B2344C65E", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.33.0:*:*:*:*:*:*:*", "matchCriteriaId": "01A71B55-7F08-40BD-A60E-4EF679388B1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.33.1:*:*:*:*:*:*:*", "matchCriteriaId": "39AA93C8-0CC1-46D0-8B67-2A3846BBDA45", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.34.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFC08C9E-DC76-4F5E-9CA2-7952CC332EB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.35.0:*:*:*:*:*:*:*", "matchCriteriaId": "8BB20C00-C6D6-4175-B659-018C4F4A1167", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.35.1:*:*:*:*:*:*:*", "matchCriteriaId": "139E706E-202C-45B4-A5E3-2CDEEA14E20B", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.36.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF79BC49-E4CD-4DCA-860F-A27F0371D4B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:0.37.0:*:*:*:*:*:*:*", "matchCriteriaId": "6C12BDC3-6B07-47DD-96C8-1FA9F4B7BFE2", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DD801B94-DBE2-4A65-9428-8D4FC581866A", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B41D875-F515-4A3F-9AA5-79BD09F74C30", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A8CCC20-8986-4028-B125-66F371A4A1D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E07F13C-A6FC-49E8-B10E-E4FC1F182DA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "04AB9C70-10CB-460B-91AD-1D79C9153194", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "E1E718DB-2A79-4277-BA15-6E6A904E483A", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "9E10F1DA-64E9-4567-8727-3AE8A6788A23", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "3A8CED53-EC94-480C-BCBD-EE045F0AA2A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "27FC24BB-5BF3-4A25-A5C0-F5A224736F77", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "286B7EBD-D663-440C-859B-1E0EE839AEB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "408EC889-4D8B-49FC-9281-AC85559BB774", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "F1E2A83E-A244-4F1E-85E9-6EA075D32C5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "212AC756-866F-43F6-9659-61554824B884", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:subversion:subversion:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B612E0A1-C0F8-4E69-B32C-356ADE7F82E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "19B8E241-9E28-4627-8FBB-18CF5D12B11C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C3D528D6-37F5-40D0-BAF2-CCA214862C19", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E73FF73-1F94-4657-83E2-375311A94440", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F2FAC312-66F0-4C9E-95DF-0C61F07A834D", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC9E80F6-728C-4474-AB90-23DF119E83DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "051434CF-6B62-4C29-B71A-C8800F048A07", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "339A1BAC-F631-4355-9889-CE5EAC2FCB46", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "72315FB6-EDB2-43AB-9DA8-E27118C84C08", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6C099833-CC13-47DD-9E6A-E10BF8103401", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "EAF74121-52AC-4EA8-9B51-BA68ED766ABC", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "DC6B791F-2DB2-4428-80DB-3203FD8868ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE0754E5-044C-445B-846F-1B7C7664F6BC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:subversion:subversion:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D938FBF-02E3-4713-A7DB-7C552C65471C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "8A882A7B-5E03-4FC4-A92E-3681C67A0CA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "4AF0C2C6-5FC0-4FB2-B31C-B9174789F904", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B3D435D7-F523-4B8B-988F-37F85DA7ECCB", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "B5CCBE47-1BD4-494A-8B9B-CB062F9741B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "457BD304-23A2-4FB4-AE9F-9F462DC27DD2", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7899D782-7544-4113-AE78-B724689EDC74", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "85E5887A-A560-40AA-96D4-45D65D9A9C16", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C461DA24-27D3-44C6-A5A3-17716616C696", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FBF9A45-958C-4C65-B8AE-A7214D6A6922", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3DE31846-6A08-47D5-8D20-D627DED5D8E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "45B6D800-A4A5-4835-941C-31C3FD00D5F9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, 
allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de entero en la biblioteca libsvn_delta en Subversion anterior a v1.5.7 y v1.6.x anterior a v1.6.4, permite a los usuarios remotos autenticados y a los servidores Subversion remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un flujo (stream) svndiff con grandes ventanas que desencadenan un desbordamiento de b\u00fafer basado en memoria din\u00e1mica, una cuesti\u00f3n relacionada con CVE-2009-2412." } ], "id": "CVE-2009-2411", "lastModified": "2024-11-21T01:04:48.607", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-08-07T19:30:00.297", "references": [ { "source": "secalert@redhat.com", "url": "http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/56856" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36184" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/36224" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/36232" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/36257" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/36262" }, { "source": "secalert@redhat.com", "url": "http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3937" }, { "source": "secalert@redhat.com", "url": "http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES" }, { "source": "secalert@redhat.com", "url": "http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES" }, { "source": "secalert@redhat.com", "url": "http://svn.haxx.se/dev/archive-2009-08/0107.shtml" }, { "source": "secalert@redhat.com", "url": "http://svn.haxx.se/dev/archive-2009-08/0108.shtml" }, { "source": "secalert@redhat.com", "url": "http://svn.haxx.se/dev/archive-2009-08/0110.shtml" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2009/dsa-1855" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:199" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-1203.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/35983" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1022697" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-812-1" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2180" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/3184" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html" }, { "source": "secalert@redhat.com", "url": 
"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/56856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/36224" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/36232" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/36257" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/36262" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.haxx.se/dev/archive-2009-08/0107.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.haxx.se/dev/archive-2009-08/0108.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.haxx.se/dev/archive-2009-08/0110.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1855" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:199" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1203.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/35983" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1022697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-812-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/3184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
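Severity: LOW — CVSS v2 base score 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N); the vector scores local, unauthenticated access although the summary describes remote authenticated users.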
Summary
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
subversion | subversion | 1.0 | |
subversion | subversion | 1.0.1 | |
subversion | subversion | 1.0.2 | |
subversion | subversion | 1.0.3 | |
subversion | subversion | 1.0.4 | |
subversion | subversion | 1.0.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B41D875-F515-4A3F-9AA5-79BD09F74C30", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A8CCC20-8986-4028-B125-66F371A4A1D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E07F13C-A6FC-49E8-B10E-E4FC1F182DA5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command." 
} ], "id": "CVE-2004-1438", "lastModified": "2024-11-20T23:50:52.940", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/60" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010779" }, { "source": "cve@mitre.org", "url": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/10800" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/60" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/10800" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16803" } ], 
"sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-23 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
subversion | subversion | 1.0 | |
subversion | subversion | 1.0.1 | |
subversion | subversion | 1.0.2 | |
subversion | subversion | 1.0.3 | |
subversion | subversion | 1.0.4 | |
subversion | subversion | 1.0.5 | |
subversion | subversion | 1.0.6 | |
subversion | subversion | 1.0.7 | |
subversion | subversion | 1.1.0_rc1 | |
subversion | subversion | 1.1.0_rc2 | |
subversion | subversion | 1.1.0_rc3 | |
gentoo | linux | 0.5 | |
gentoo | linux | 0.7 | |
gentoo | linux | 1.1a | |
gentoo | linux | 1.2 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 (rc1) | |
gentoo | linux | 1.4 (rc2) | |
gentoo | linux | 1.4 (rc3) |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B41D875-F515-4A3F-9AA5-79BD09F74C30", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A8CCC20-8986-4028-B125-66F371A4A1D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E07F13C-A6FC-49E8-B10E-E4FC1F182DA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "04AB9C70-10CB-460B-91AD-1D79C9153194", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "E1E718DB-2A79-4277-BA15-6E6A904E483A", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "286B7EBD-D663-440C-859B-1E0EE839AEB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "408EC889-4D8B-49FC-9281-AC85559BB774", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.1.0_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "F1E2A83E-A244-4F1E-85E9-6EA075D32C5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "matchCriteriaId": 
"40EBF1CD-B392-4262-8F06-2C784ADAF0F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames." }, { "lang": "es", "value": "El m\u00f3dulo mod_authz_svn en Subversion 1.0.7 y anteriores no restringe adecuadamente el acceso a todos los metadatos en rutas ilegibles, lo que podr\u00eda permitir a atacantes remotos ganar informaci\u00f3n sensible mediante (1) svn log -v, (2) svn propget, o (3) svn blame, y otras \u00f3rdenes que siguen cambios de de nombre." 
} ], "id": "CVE-2004-0749", "lastModified": "2024-11-20T23:49:19.060", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://fedoranews.org/updates/FEDORA-2004-318.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11243" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17472" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2004-318.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/17472" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-08-28 18:17
Modified
2024-11-21 00:34
Severity ?
Summary
Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
subversion | subversion | * | |
tortoisesvn | tortoisesvn | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:subversion:subversion:*:*:windows:*:*:*:*:*", "matchCriteriaId": "1990E01B-99A1-4E5F-B84E-466B654B518B", "versionEndIncluding": "1.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tortoisesvn:tortoisesvn:*:*:windows:*:*:*:*:*", "matchCriteriaId": "AB68E39A-869E-469E-88AB-6B4786CAA85C", "versionEndIncluding": "1.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\\ (dot dot backslash) sequence in the filename, as stored in the file repository." }, { "lang": "es", "value": "Vulnerabilidad de salto de directorio en Subversion anterior a 1.4.5, utilizado en TortoiseSVN anterior a 1.4.5 y posiblemente otros productos, cuando se ejecuta en sistemas basados en Windows, permite a usuarios autenticados remotamente sobrescribir y crear archivos de su elecci\u00f3n mediante una secuencia ..\\ (punto punto barra invertida) en el nombre de archivo, almacenado en el repositorio de archivos." 
} ], "id": "CVE-2007-3846", "lastModified": "2024-11-21T00:34:12.810", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-08-28T18:17:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://crisp.cs.du.edu/?q=node/36" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/40118" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/40119" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26625" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26632" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1018617" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" }, { "source": "secalert@redhat.com", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "source": "secalert@redhat.com", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://tortoisesvn.net/node/291" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/25468" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/3003" }, { "source": "secalert@redhat.com", "url": 
"http://www.vupen.com/english/advisories/2007/3004" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://crisp.cs.du.edu/?q=node/36" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/40118" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/40119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26632" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018617" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://tortoisesvn.net/node/291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25468" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": 
"Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openpkg | openpkg | * | |
openpkg | openpkg | 2.0 | |
subversion | subversion | 1.0 | |
subversion | subversion | 1.0.1 | |
subversion | subversion | 1.0.2 | |
subversion | subversion | 1.0.3 | |
subversion | subversion | 1.0.4 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F10E314-3897-4A63-AE40-F4E34C3F0BFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "47B95A69-2535-4844-B819-082D4349708C", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "930953B4-E972-48FB-913B-169E91F93FD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B41D875-F515-4A3F-9AA5-79BD09F74C30", "vulnerable": true }, { "criteria": "cpe:2.3:a:subversion:subversion:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A8CCC20-8986-4028-B125-66F371A4A1D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow." }, { "lang": "es", "value": "libsvn_ra_svn en Subversion 1.0.4 conf\u00eda en el campo de longitud de (1) svn://, (2) svn+ssh://, y (3) otras cadenas de protocolo svn, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de memoria) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un desbordamiento de enteros que conduce a un desbordamiento basado en la pila." 
} ], "id": "CVE-2004-0413", "lastModified": "2024-11-20T23:48:32.187", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_18_subversion.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/6847" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/365836" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10519" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16396" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_18_subversion.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/6847" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/365836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16396" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2007-3846
Vulnerability from cvelistv5
Published
2007-08-28 18:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\ (dot dot backslash) sequence in the filename, as stored in the file repository.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:28:52.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2007-3004", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3004" }, { "name": "[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tortoisesvn.net/node/291" }, { "name": "26632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26632" }, { "name": "25468", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25468" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://crisp.cs.du.edu/?q=node/36" }, { "name": "40119", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/40119" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" }, { "name": "1018617", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018617" }, { "name": "26625", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26625" }, { "name": "ADV-2007-3003", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3003" }, { "name": "40118", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/40118" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "name": 
"subversion-filename-directory-traversal(36312)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-08-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\\ (dot dot backslash) sequence in the filename, as stored in the file repository." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2007-3004", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3004" }, { "name": "[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tortoisesvn.net/node/291" }, { "name": "26632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26632" }, { "name": "25468", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25468" }, { "tags": [ "x_refsource_MISC" ], "url": "http://crisp.cs.du.edu/?q=node/36" }, { "name": "40119", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/40119" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" }, { "name": 
"1018617", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018617" }, { "name": "26625", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26625" }, { "name": "ADV-2007-3003", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3003" }, { "name": "40118", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/40118" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "name": "subversion-filename-directory-traversal(36312)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2007-3846", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Directory traversal vulnerability in Subversion before 1.4.5, as used by TortoiseSVN before 1.4.5 and possibly other products, when run on Windows-based systems, allows remote authenticated users to overwrite and create arbitrary files via a ..\\ (dot dot backslash) sequence in the filename, as stored in the file repository." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2007-3004", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3004" }, { "name": "[users-subversion] 20070828 Subversion 1.4.5 releaded (Win32 security release)", "refsource": "MLIST", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "name": "http://tortoisesvn.net/node/291", "refsource": "CONFIRM", "url": "http://tortoisesvn.net/node/291" }, { "name": "26632", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26632" }, { "name": "25468", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25468" }, { "name": "http://crisp.cs.du.edu/?q=node/36", "refsource": "MISC", "url": "http://crisp.cs.du.edu/?q=node/36" }, { "name": "40119", "refsource": "OSVDB", "url": "http://osvdb.org/40119" }, { "name": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941", "refsource": "CONFIRM", "url": "http://subversion.tigris.org/servlets/NewsItemView?newsItemID=1941" }, { "name": "1018617", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018617" }, { "name": "26625", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26625" }, { "name": "ADV-2007-3003", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3003" }, { "name": "40118", "refsource": "OSVDB", "url": "http://osvdb.org/40118" }, { "name": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413", "refsource": "CONFIRM", "url": "http://subversion.tigris.org/servlets/ReadMsg?list=users\u0026msgNo=69413" }, { "name": "subversion-filename-directory-traversal(36312)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36312" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-3846", 
"datePublished": "2007-08-28T18:00:00", "dateReserved": "2007-07-18T00:00:00", "dateUpdated": "2024-08-07T14:28:52.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2411
Vulnerability from cvelistv5
Published
2009-08-07 19:00
Modified
2024-08-07 05:52
Severity ?
EPSS score ?
Summary
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:52:15.197Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[dev] 20090806 Subversion 1.5.7 Released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0108.shtml" }, { "name": "1022697", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022697" }, { "name": "ADV-2009-2180", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2180" }, { "name": "20090807 Subversion heap overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html" }, { "name": "36262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36262" }, { "name": "36257", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36257" }, { "name": "36184", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36184" }, { "name": "USN-812-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-812-1" }, { "name": "DSA-1855", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1855" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt" }, { "name": "36224", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36224" }, { "name": "35983", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/35983" }, { "name": "[dev] 20090806 
Subversion 1.6.4 Released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0107.shtml" }, { "name": "FEDORA-2009-8449", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html" }, { "name": "[dev] 20090806 Patch to 1.4.x branch for CVE-2009-2411", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0110.shtml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES" }, { "name": "RHSA-2009:1203", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1203.html" }, { "name": "36232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36232" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES" }, { "name": "ADV-2009-3184", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3184" }, { "name": "MDVSA-2009:199", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:199" }, { "name": "oval:org.mitre.oval:def:11465", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465" }, { "name": "56856", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/56856" }, { "name": "APPLE-SA-2009-11-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" 
], "url": "http://support.apple.com/kb/HT3937" }, { "name": "FEDORA-2009-8432", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-08-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "[dev] 20090806 Subversion 1.5.7 Released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0108.shtml" }, { "name": "1022697", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022697" }, { "name": "ADV-2009-2180", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2180" }, { "name": "20090807 Subversion heap overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html" }, { "name": "36262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36262" }, { "name": "36257", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36257" }, { "name": "36184", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/36184" }, { "name": "USN-812-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-812-1" }, { "name": "DSA-1855", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1855" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt" }, { "name": "36224", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36224" }, { "name": "35983", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/35983" }, { "name": "[dev] 20090806 Subversion 1.6.4 Released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0107.shtml" }, { "name": "FEDORA-2009-8449", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html" }, { "name": "[dev] 20090806 Patch to 1.4.x branch for CVE-2009-2411", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://svn.haxx.se/dev/archive-2009-08/0110.shtml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES" }, { "name": "RHSA-2009:1203", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1203.html" }, { "name": "36232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36232" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES" }, { "name": "ADV-2009-3184", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3184" }, { "name": "MDVSA-2009:199", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:199" }, { "name": "oval:org.mitre.oval:def:11465", "tags": [ 
"vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465" }, { "name": "56856", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/56856" }, { "name": "APPLE-SA-2009-11-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3937" }, { "name": "FEDORA-2009-8432", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-2411", "datePublished": "2009-08-07T19:00:00", "dateReserved": "2009-07-09T00:00:00", "dateUpdated": "2024-08-07T05:52:15.197Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0397
Vulnerability from cvelistv5
Published
2004-05-28 04:00
Modified
2024-08-08 00:17
Summary
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "10386", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10386" }, { "name": "FLSA:1748", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/svn-sscanf-advisory.txt" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108498676517697\u0026w=2" }, { "name": "20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/363814" }, { "name": "FEDORA-2004-128", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html" }, { "name": "GLSA-200405-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml" }, { "name": "6301", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6301" }, { "name": "11675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11675" }, { "name": "subversion-date-parsing-command-execution(16191)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/16191" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/082004.html" }, { "name": "11642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11642" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "10386", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10386" }, { "name": "FLSA:1748", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/svn-sscanf-advisory.txt" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108498676517697\u0026w=2" }, { "name": "20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/363814" }, { "name": 
"FEDORA-2004-128", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html" }, { "name": "GLSA-200405-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml" }, { "name": "6301", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6301" }, { "name": "11675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11675" }, { "name": "subversion-date-parsing-command-execution(16191)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16191" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/082004.html" }, { "name": "11642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11642" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0397", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "10386", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10386" }, { "name": "FLSA:1748", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021737.html" }, { "name": "http://subversion.tigris.org/svn-sscanf-advisory.txt", "refsource": "CONFIRM", "url": "http://subversion.tigris.org/svn-sscanf-advisory.txt" }, { "name": "20040519 Advisory 08/2004: Subversion remote vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108498676517697\u0026w=2" }, { "name": "20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/363814" }, { "name": "FEDORA-2004-128", "refsource": "FEDORA", "url": "http://www.linuxsecurity.com/advisories/fedora_advisory-4373.html" }, { "name": "GLSA-200405-14", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200405-14.xml" }, { "name": "6301", "refsource": "OSVDB", "url": "http://www.osvdb.org/6301" }, { "name": "11675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11675" }, { "name": "subversion-date-parsing-command-execution(16191)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16191" }, { "name": "http://security.e-matters.de/advisories/082004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/082004.html" }, { "name": "11642", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11642" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0397", "datePublished": 
"2004-05-28T04:00:00", "dateReserved": "2004-04-13T00:00:00", "dateUpdated": "2024-08-08T00:17:14.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0749
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Summary
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.
References
URL | Tags | |
---|---|---|
http://fedoranews.org/updates/FEDORA-2004-318.shtml | vendor-advisory, x_refsource_FEDORA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17472 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/11243 | vdb-entry, x_refsource_BID | |
http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt | x_refsource_CONFIRM | |
http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:46.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2004-318", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2004-318.shtml" }, { "name": "subversion-information-disclosure(17472)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17472" }, { "name": "11243", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11243" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt" }, { "name": "GLSA-200409-35", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-09-29T00:00:00", "descriptions": [ { "lang": "en", "value": "The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2004-318", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2004-318.shtml" }, { "name": "subversion-information-disclosure(17472)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17472" }, { "name": "11243", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11243" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt" }, { "name": "GLSA-200409-35", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0749", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2004-318", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA-2004-318.shtml" }, { "name": "subversion-information-disclosure(17472)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17472" }, { "name": "11243", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11243" }, { "name": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt", "refsource": "CONFIRM", "url": "http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt" }, { "name": "GLSA-200409-35", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-35.xml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0749", "datePublished": "2004-11-19T05:00:00", "dateReserved": "2004-07-26T00:00:00", "dateUpdated": "2024-08-08T00:31:46.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-0413
Vulnerability from cvelistv5
Published
2004-06-23 04:00
Modified
2024-08-08 00:17
Summary
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
References
URL | Tags | |
---|---|---|
http://www.securityfocus.com/bid/10519 | vdb-entry, x_refsource_BID | |
https://bugzilla.fedora.us/show_bug.cgi?id=1748 | vendor-advisory, x_refsource_FEDORA | |
http://www.novell.com/linux/security/advisories/2004_18_subversion.html | vendor-advisory, x_refsource_SUSE | |
http://www.securityfocus.com/advisories/6847 | vendor-advisory, x_refsource_FEDORA | |
http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml | vendor-advisory, x_refsource_GENTOO | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16396 | vdb-entry, x_refsource_XF | |
http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt | x_refsource_CONFIRM | |
http://www.securityfocus.com/archive/1/365836 | mailing-list, x_refsource_BUGTRAQ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.957Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "10519", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10519" }, { "name": "FLSA:1748", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "SuSE-SA:2004:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_18_subversion.html" }, { "name": "FEDORA-2004-165", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/6847" }, { "name": "GLSA-200406-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml" }, { "name": "subversion-svn-bo(16396)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16396" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt" }, { "name": "20041012 [FMADV] Subversion \u003c= 1.04 Heap Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/365836" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a 
heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "10519", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10519" }, { "name": "FLSA:1748", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "SuSE-SA:2004:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_18_subversion.html" }, { "name": "FEDORA-2004-165", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/6847" }, { "name": "GLSA-200406-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml" }, { "name": "subversion-svn-bo(16396)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16396" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt" }, { "name": "20041012 [FMADV] Subversion \u003c= 1.04 Heap Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/365836" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0413", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL 
strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "10519", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10519" }, { "name": "FLSA:1748", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1748" }, { "name": "SuSE-SA:2004:018", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_18_subversion.html" }, { "name": "FEDORA-2004-165", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/6847" }, { "name": "GLSA-200406-07", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml" }, { "name": "subversion-svn-bo(16396)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16396" }, { "name": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt", "refsource": "CONFIRM", "url": "http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt" }, { "name": "20041012 [FMADV] Subversion \u003c= 1.04 Heap Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/365836" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0413", "datePublished": "2004-06-23T04:00:00", "dateReserved": "2004-04-16T00:00:00", "dateUpdated": "2024-08-08T00:17:14.957Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2004-1438
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Summary
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
References
URL | Tags | |
---|---|---|
http://www.securityfocus.com/bid/10800 | vdb-entry, x_refsource_BID | |
http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml | vendor-advisory, x_refsource_GENTOO | |
http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES | x_refsource_CONFIRM | |
http://securitytracker.com/id?1010779 | vdb-entry, x_refsource_SECTRACK | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16803 | vdb-entry, x_refsource_XF | |
http://securityreason.com/securityalert/60 | third-party-advisory, x_refsource_SREASON |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:53:23.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "10800", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10800" }, { "name": "GLSA-200407-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES" }, { "name": "1010779", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1010779" }, { "name": "subversion-modauthzsvn-restriction-bypass(16803)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16803" }, { "name": "60", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/60" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-07-26T00:00:00", "descriptions": [ { "lang": "en", "value": "The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "10800", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10800" }, { "name": "GLSA-200407-20", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES" }, { "name": "1010779", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1010779" }, { "name": "subversion-modauthzsvn-restriction-bypass(16803)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16803" }, { "name": "60", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/60" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1438", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "10800", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10800" }, { "name": "GLSA-200407-20", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200407-20.xml" }, { "name": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES", "refsource": "CONFIRM", "url": "http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES" }, { "name": "1010779", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010779" }, { "name": "subversion-modauthzsvn-restriction-bypass(16803)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16803" }, { "name": "60", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/60" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1438", "datePublished": "2005-02-13T05:00:00", "dateReserved": "2005-02-13T00:00:00", "dateUpdated": "2024-08-08T00:53:23.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-2448
Vulnerability from cvelistv5
Published
2007-06-14 23:00
Modified
2024-08-07 13:42
Summary
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
References
URL | Tags | |
---|---|---|
https://issues.rpath.com/browse/RPL-1896 | x_refsource_CONFIRM | |
http://osvdb.org/36070 | vdb-entry, x_refsource_OSVDB | |
http://www.vupen.com/english/advisories/2011/0264 | vdb-entry, x_refsource_VUPEN | |
http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt | x_refsource_CONFIRM | |
http://www.vupen.com/english/advisories/2007/2230 | vdb-entry, x_refsource_VUPEN | |
http://www.ubuntu.com/usn/USN-1053-1 | vendor-advisory, x_refsource_UBUNTU | |
http://securitytracker.com/id?1018237 | vdb-entry, x_refsource_SECTRACK | |
http://secunia.com/advisories/43139 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/bid/24463 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:42:33.422Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1896" }, { "name": "36070", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/36070" }, { "name": "ADV-2011-0264", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0264" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt" }, { "name": "ADV-2007-2230", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2230" }, { "name": "USN-1053-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1053-1" }, { "name": "1018237", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018237" }, { "name": "43139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43139" }, { "name": "24463", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/24463" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-06-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Subversion 1.4.3 and earlier does not properly implement the \"partial access\" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-06-22T09:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1896" }, { "name": "36070", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/36070" }, { "name": "ADV-2011-0264", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0264" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://subversion.tigris.org/security/CVE-2007-2448-advisory.txt" }, { "name": "ADV-2007-2230", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2230" }, { "name": "USN-1053-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1053-1" }, { "name": "1018237", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018237" }, { "name": "43139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43139" }, { "name": "24463", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/24463" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-2448", "datePublished": "2007-06-14T23:00:00", "dateReserved": "2007-05-02T00:00:00", "dateUpdated": "2024-08-07T13:42:33.422Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }