CVE-2009-4762

Published: 29 March 2010

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.

Priority

Medium

Status

Package Release Status
moin
Launchpad, Ubuntu, Debian
Upstream
Released (1.7.3, 1.8.3)
Patches:
Upstream: http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
Upstream: http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2