PT-2010-2419 · Moinmoin · Moinmoin

Jan Lieskovsky

Published

2010-02-26

Updated

2022-05-02

CVE-2010-0667

CVSS v4.0

8.7

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions MoinMoin versions 1.9 through 1.9.1 (excluding 1.9.1)

Description The issue arises when the GATEWAY INTERFACE environment variable is set, and the sys.argv array is not properly cleared, allowing remote attackers to obtain sensitive information via unspecified vectors.

Recommendations For MoinMoin version 1.9, update to version 1.9.1 to resolve the issue. At the moment, there is no additional information about other mitigation measures.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2010-0667

GHSA-876C-QMCF-CXV6

PYSEC-2010-14

Affected Products

Moinmoin

PT-2010-2419 · Moinmoin · Moinmoin

CVE-2010-0667

Weakness Enumeration

Related Identifiers

Affected Products

References · 16