|
307071
|
- |
|
ez
|
ez_publish
|
eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051128 allows remote authenticated users to cause a denial of service (Apache httpd segmentation fault) via a request…
|
CWE-399
Resource Management Errors
|
CVE-2005-4857
|
2015-07-29 00:04 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307072
|
- |
|
ez
|
ez_publish
|
The admin interface in eZ publish 3.5 before 3.5.7, 3.6 before 3.6.5, 3.7 before 3.7.3, and 3.8 before 20051110 does not properly handle authorization errors, which allows remote attackers to obtain …
|
CWE-19
Data Processing Errors
|
CVE-2005-4856
|
2015-07-29 00:03 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307073
|
- |
|
ez
|
ez_publish
|
eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4854
|
2015-07-28 23:55 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307074
|
- |
|
ez
|
ez_publish
|
The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4853
|
2015-07-28 23:41 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307075
|
- |
|
ez
|
ez_publish
|
Vendor has fixed this vulnerability in an upgrade starting at 3.5.5: http://ez.no/download/ez_publish
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4853
|
2015-07-28 23:41 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307076
|
- |
|
ez
|
ez_publish
|
eZ publish before 3.8.1 does not properly enforce permissions for "content edit Language" when there are four or more languages, which allows remote authenticated users to perform translations into l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7218
|
2015-07-28 23:35 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307077
|
- |
|
ez
|
ez_publish
|
eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7219
|
2015-07-28 23:35 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307078
|
- |
|
ez
|
ez_publish
|
eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulne…
|
NVD-CWE-noinfo
|
CVE-2007-4493
|
2015-07-28 03:36 |
2007-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307079
|
- |
|
ez
|
ez_publish
|
The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
|
NVD-CWE-noinfo
|
CVE-2007-4494
|
2015-07-28 03:36 |
2007-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307080
|
- |
|
ghostscript
|
ghostscript
|
Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary cod…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4270
|
2015-01-10 08:42 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
