CVE-2011-1752 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 95%

Affected Products (NVD)

Vendor	Product	Version
apache	subversion	𝑥 < 1.6.17
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	10.10
canonical	ubuntu_linux	11.04
debian	debian_linux	5.0
debian	debian_linux	6.0
apple	mac_os_x	𝑥 < 10.7.3

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

subversion

bookworm	1.14.2-4 fixed
bullseye	1.14.1-3+deb11u1 fixed
bullseye (security)	1.14.1-3+deb11u1 fixed
sid	1.14.4-2 fixed
trixie	1.14.4-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

subversion

hardy	ignored
lucid	Fixed 1.6.6dfsg-2ubuntu1.3 released
maverick	Fixed 1.6.12dfsg-1ubuntu1.3 released
natty	Fixed 1.6.12dfsg-4ubuntu2.1 released

openSUSE / SLES Releases

openSUSE Product

Release

subversion

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

subversion-bash-completion

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

subversion-devel

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

subversion-perl

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

subversion-python

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

subversion-tools

suse enterprise desktop 15	1.10.0-1.24 fixed
suse enterprise desktop 15 SP1	1.10.0-3.3.1 fixed
suse enterprise sap 15	1.10.0-1.24 fixed
suse enterprise sap 15 SP1	1.10.0-3.3.1 fixed
suse enterprise server 15	1.10.0-1.24 fixed
suse enterprise server 15 SP1	1.10.0-3.3.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

mod

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-devel

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-gnome

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-javahl

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-kde

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-perl

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-ruby

RHEL 6

0:1.6.11-2.el6_1.4

fixed

subversion-svn2cl

RHEL 6

0:1.6.11-2.el6_1.4

fixed

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html

http://secunia.com/advisories/44633

http://secunia.com/advisories/44681

http://secunia.com/advisories/44849

http://secunia.com/advisories/44879

http://secunia.com/advisories/44888

http://secunia.com/advisories/45162

http://subversion.apache.org/security/CVE-2011-1752-advisory.txt

http://support.apple.com/kb/HT5130

http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES

http://www.debian.org/security/2011/dsa-2251

http://www.mandriva.com/security/advisories?name=MDVSA-2011:106

http://www.redhat.com/support/errata/RHSA-2011-0861.html

http://www.redhat.com/support/errata/RHSA-2011-0862.html

http://www.securityfocus.com/bid/48091

http://www.securitytracker.com/id?1025617

http://www.ubuntu.com/usn/USN-1144-1

https://bugzilla.redhat.com/show_bug.cgi?id=709111

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062211.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061913.html

http://secunia.com/advisories/44633

http://secunia.com/advisories/44681

http://secunia.com/advisories/44849

http://secunia.com/advisories/44879

http://secunia.com/advisories/44888

http://secunia.com/advisories/45162

http://subversion.apache.org/security/CVE-2011-1752-advisory.txt

http://support.apple.com/kb/HT5130

http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES

http://www.debian.org/security/2011/dsa-2251

http://www.mandriva.com/security/advisories?name=MDVSA-2011:106

http://www.redhat.com/support/errata/RHSA-2011-0861.html

http://www.redhat.com/support/errata/RHSA-2011-0862.html

http://www.securityfocus.com/bid/48091

http://www.securitytracker.com/id?1025617

http://www.ubuntu.com/usn/USN-1144-1

https://bugzilla.redhat.com/show_bug.cgi?id=709111

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18922