UBUNTU-CVE-2016-1242

Source
https://ubuntu.com/security/CVE-2016-1242
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-1242.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-1242
Related
Published
2016-09-07T19:28:00Z
Modified
2024-10-15T14:05:50Z
Severity
  • 4.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.

References

Affected packages

Ubuntu:Pro:16.04:LTS / tryton-server

Package

Name
tryton-server
Purl
pkg:deb/ubuntu/tryton-server?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2-1
3.6.3-2
3.6.3-3
3.8.0-1
3.8.1-1
3.8.2-1
3.8.3-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}