Name | CVE-2006-6515 |
Description | Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
mantis | source | (unstable) | 1.0.6+dfsg-1 | unimportant |
http://www.mantisbt.org/bugs/print_bug_page.php?bug_id=5163
Not a security bug, only a very annoying feature.