CVE-2010-0667

Published: 26 February 2010

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

Notes

Author	Note
jdstand	this only affect 1.9

Priority

Status

Package	Release	Status
moin Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	hardy	Not vulnerable
	intrepid	Not vulnerable
	jaunty	Not vulnerable
	karmic	Not vulnerable
	upstream	Released (1.9.1)
	Patches: upstream: http://hg.moinmo.in/moin/1.9/rev/04afdde50094

References

https://www.cve.org/CVERecord?id=CVE-2010-0667
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›