CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.3%

CVSS Severity

CVSS v2 Score 10.0

References

http://trac.edgewall.org/wiki/ChangeLog
http://trac.edgewall.org/wiki/ChangeLog

Products affected by CVE-2007-1406

Edgewall Software » Trac » Version: 0.10

cpe:2.3:a:edgewall_software:trac:0.10
Edgewall Software » Trac » Version: 0.10.1

cpe:2.3:a:edgewall_software:trac:0.10.1
Edgewall Software » Trac » Version: 0.10.2

cpe:2.3:a:edgewall_software:trac:0.10.2
Edgewall Software » Trac » Version: 0.10.3

cpe:2.3:a:edgewall_software:trac:0.10.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1406

Products

Pricing

Contact Us