Name | CVE-2009-2171 |
Description | Mahara 1.1 before 1.1.5 does not apply permission checks when saving a view that contains artefacts, which allows remote authenticated users to read another user's artefact. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
mahara | source | lenny | (not affected) | |||
mahara | source | (unstable) | 1.1.5-1 | low |
[lenny] - mahara <not-affected> (vulnerable code introduced in 1.1)