CVE-2012-2352
Publication date 31 May 2012
Last updated 24 July 2024
Ubuntu priority
The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) do_arc_download, or (3) do_arc_delete functions.
Status
Package | Ubuntu Release | Status |
---|---|---|
sympa | ||
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |