PT-2007-2800 · Edgewall · Trac

Published

2007-03-10

Updated

2022-05-01

CVE-2007-1406

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Trac versions prior to 0.10.3.1

Description The issue concerns Trac not sending a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations. This has unknown impact and remote attack vectors.

Recommendations For versions prior to 0.10.3.1, update to version 0.10.3.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1406

GHSA-7JJR-3R8R-9PCF

PYSEC-2007-3

Affected Products

Trac

PT-2007-2800 · Edgewall · Trac

CVE-2007-1406

Related Identifiers

Affected Products

References · 9