Candidate: CVE-2012-4568
PublicDate: 2017-10-23 18:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4568
 http://www.openwall.com/lists/oss-security/2012/10/06/1
Description:
 Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS
 (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the
 authentication of unspecified victims via unknown vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_letodms:
upstream_letodms: released (3.3.9+dfsg-1)
hardy_letodms: DNE
lucid_letodms: DNE
oneiric_letodms: ignored (reached end-of-life)
precise_letodms: ignored (reached end-of-life)
precise/esm_letodms: DNE (precise was needed)
quantal_letodms: ignored (reached end-of-life)
raring_letodms: not-affected (3.3.9+dfsg-1)
saucy_letodms: not-affected (3.3.9+dfsg-1)
trusty_letodms: not-affected (3.3.9+dfsg-1)
trusty/esm_letodms: DNE (trusty was not-affected [3.3.9+dfsg-1])
utopic_letodms: not-affected (3.3.9+dfsg-1)
vivid_letodms: not-affected (3.3.9+dfsg-1)
vivid/stable-phone-overlay_letodms: DNE
vivid/ubuntu-core_letodms: DNE
wily_letodms: not-affected (3.3.9+dfsg-1)
xenial_letodms: not-affected (3.3.9+dfsg-1)
yakkety_letodms: not-affected (3.3.9+dfsg-1)
zesty_letodms: not-affected (3.3.9+dfsg-1)
devel_letodms: not-affected (3.3.9+dfsg-1)