Oval Definition:oval:org.opensuse.security:def:20103707
Revision Date:2015-11-16Version:1
Title:CVE-2010-3707
Description:
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-3707
Platform(s):openSUSE 11.2
openSUSE 11.3
Product(s):
Definition Synopsis
  • Release Information
  • suse112 is installed
  • AND
  • dovecot12-backend-mysql less than 1.2.9-0.5.1
  • OR dovecot12-backend-pgsql less than 1.2.9-0.5.1
  • OR dovecot12-backend-sqlite less than 1.2.9-0.5.1
  • OR dovecot12-devel less than 1.2.9-0.5.1
  • OR dovecot12-fts-lucene less than 1.2.9-0.5.1
  • OR dovecot12 less than 1.2.9-0.5.1
  • OR Package Information
  • suse113 is installed
  • AND
  • dovecot12-backend-mysql less than 1.2.11-3.3.1
  • OR dovecot12-backend-pgsql less than 1.2.11-3.3.1
  • OR dovecot12-backend-sqlite less than 1.2.11-3.3.1
  • OR dovecot12-devel less than 1.2.11-3.3.1
  • OR dovecot12-fts-lucene less than 1.2.11-3.3.1
  • OR dovecot12-fts-solr less than 1.2.11-3.3.1
  • OR dovecot12 less than 1.2.11-3.3.1
  • BACK