Vulnerabilities > CVE-2007-1406 - Unspecified vulnerability in Edgewall Software Trac

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

edgewall-software

NVD

Published: 2007-03-10

Updated: 2024-11-21

Summary

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Edgewall_Software Edgewall Software Trac 0.10.3 Edgewall Software Trac 0.10 Edgewall Software Trac 0.10.2 Edgewall Software Trac 0.10.1	4

References

http://trac.edgewall.org/wiki/ChangeLog
http://trac.edgewall.org/wiki/ChangeLog