Vulnerability Description
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Edgewall | Trac | <= 0.11.5 |
References
- http://secunia.com/advisories/37807Vendor Advisory
- http://secunia.com/advisories/37901Vendor Advisory
- http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE
- http://www.vupen.com/english/advisories/2009/3615Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=542394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54983
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.h
- http://secunia.com/advisories/37807Vendor Advisory
- http://secunia.com/advisories/37901Vendor Advisory
- http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE
- http://www.vupen.com/english/advisories/2009/3615Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=542394
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54983
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.h
FAQ
What is CVE-2009-4405?
CVE-2009-4405 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "chec...
How severe is CVE-2009-4405?
CVE-2009-4405 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4405?
Check the references section above for vendor advisories and patch information. Affected products include: Edgewall Trac.