CVE-2012-1118

Published: 29 June 2012

The access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly restrict access when the private_bug_view_threshold is set to an array, which allows remote attackers to bypass intended restrictions and perform certain operations on private bug reports.

Priority

Status

Package	Release	Status
mantis Launchpad, Ubuntu, Debian	hardy	Ignored (end of life)
	lucid	Ignored (end of life)
	maverick	Ignored (end of life)
	natty	Released (1.1.8+dfsg-10squeeze2build0.11.04.1)
	oneiric	Ignored (end of life)
	precise	Not vulnerable (1.2.10-1)
	quantal	Not vulnerable (1.2.10-1)
	raring	Not vulnerable (1.2.10-1)
	saucy	Not vulnerable (1.2.10-1)
	upstream	Released (1.2.9)
	Patches: vendor: http://www.debian.org/security/2012/dsa-2500

References

https://www.cve.org/CVERecord?id=CVE-2012-1118
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662858
http://www.mantisbt.org/bugs/view.php?id=10124

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›