CVE-2009-4405

EUVD-2009-0010
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
edgewalltrac
𝑥
≤ 0.11.5
edgewalltrac
0.5
edgewalltrac
0.5.1
edgewalltrac
0.5.2
edgewalltrac
0.6
edgewalltrac
0.6.1
edgewalltrac
0.7
edgewalltrac
0.7.1
edgewalltrac
0.8
edgewalltrac
0.8.1
edgewalltrac
0.8.2
edgewalltrac
0.8.3
edgewalltrac
0.8.4
edgewalltrac
0.9
edgewalltrac
0.9.1
edgewalltrac
0.9.2
edgewalltrac
0.9.3
edgewalltrac
0.9.4
edgewalltrac
0.9.5
edgewalltrac
0.9.6
edgewalltrac
0.10
edgewalltrac
0.10:beta1
edgewalltrac
0.10:rc1
edgewalltrac
0.10.1
edgewalltrac
0.10.2
edgewalltrac
0.10.3
edgewalltrac
0.10.3:rc1
edgewalltrac
0.10.3.1
edgewalltrac
0.10.4
edgewalltrac
0.10.5
edgewalltrac
0.11
edgewalltrac
0.11:b1
edgewalltrac
0.11:b2
edgewalltrac
0.11:rc1
edgewalltrac
0.11:rc2
edgewalltrac
0.11.1
edgewalltrac
0.11.2
edgewalltrac
0.11.2.1
edgewalltrac
0.11.3
edgewalltrac
0.11.4
edgewalltrac
0.11.4:rc1
edgewalltrac
0.11.4:rc2
edgewalltrac
0.11.5:rc1
edgewalltrac
0.11.5:rc2
edgewalltrac
0.50.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
trac
lenny
no-dsa
sid
1.6-2
fixed
trixie
1.6-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
trac
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
Fixed 0.11.1-2.1ubuntu0.1
released
karmic
Fixed 0.11.5-2ubuntu1.1
released
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
References
http://secunia.com/advisories/37807
http://secunia.com/advisories/37901
http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE
http://www.vupen.com/english/advisories/2009/3615
https://bugzilla.redhat.com/show_bug.cgi?id=542394
https://exchange.xforce.ibmcloud.com/vulnerabilities/54983
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.html
http://secunia.com/advisories/37807
http://secunia.com/advisories/37901
http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE
http://www.vupen.com/english/advisories/2009/3615
https://bugzilla.redhat.com/show_bug.cgi?id=542394
https://exchange.xforce.ibmcloud.com/vulnerabilities/54983
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.html