Vulnerability Description
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moinmo | Moinmoin | 1.7.0 |
Related Weaknesses (CWE)
References
- http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2Patch
- http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2Patch
- http://moinmo.in/SecurityFixesVendor Advisory
- http://secunia.com/advisories/39887
- http://ubuntu.com/usn/usn-941-1
- http://www.debian.org/security/2010/dsa-2014
- http://www.securityfocus.com/bid/35277
- http://www.vupen.com/english/advisories/2010/0600Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1208
- http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2Patch
- http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2Patch
- http://moinmo.in/SecurityFixesVendor Advisory
- http://secunia.com/advisories/39887
- http://ubuntu.com/usn/usn-941-1
- http://www.debian.org/security/2010/dsa-2014
FAQ
What is CVE-2009-4762?
CVE-2009-4762 is a vulnerability with a CVSS score of 7.5 (HIGH). MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended ac...
How severe is CVE-2009-4762?
CVE-2009-4762 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4762?
Check the references section above for vendor advisories and patch information. Affected products include: Moinmo Moinmoin.