CVE-2005-4854

Published: Dec 31, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.

Affected (38)

Products: Ez: Ez Publish

1 product

Ez Publish

Configuration A

38 vulnerable

Vulnerable Software	Affected Versions
Ez Ez Publish	Version 3.5.0
Ez Ez Publish	Version 3.5.10
Ez Ez Publish	Version 3.5.11
Ez Ez Publish	Version 3.5.1
Ez Ez Publish	Version 3.5.2
Ez Ez Publish	Version 3.5.3
Ez Ez Publish	Version 3.5.4
Ez Ez Publish	Version 3.5.5
Ez Ez Publish	Version 3.5.6
Ez Ez Publish	Version 3.5.7
Ez Ez Publish	Version 3.5.8
Ez Ez Publish	Version 3.5.9
Ez Ez Publish	Version 3.6.0
Ez Ez Publish	Version 3.6.10
Ez Ez Publish	Version 3.6.11
Ez Ez Publish	Version 3.6.12
Ez Ez Publish	Version 3.6.1
Ez Ez Publish	Version 3.6.2
Ez Ez Publish	Version 3.6.3
Ez Ez Publish	Version 3.6.4
Ez Ez Publish	Version 3.6.5
Ez Ez Publish	Version 3.6.6
Ez Ez Publish	Version 3.6.7
Ez Ez Publish	Version 3.6.8
Ez Ez Publish	Version 3.6.9
Ez Ez Publish	Version 3.7.0
Ez Ez Publish	Version 3.7.10
Ez Ez Publish	Version 3.7.11
Ez Ez Publish	Version 3.7.12
Ez Ez Publish	Version 3.7.1
Ez Ez Publish	Version 3.7.2
Ez Ez Publish	Version 3.7.3
Ez Ez Publish	Version 3.7.4
Ez Ez Publish	Version 3.7.5
Ez Ez Publish	Version 3.7.6
Ez Ez Publish	Version 3.7.7
Ez Ez Publish	Version 3.7.8
Ez Ez Publish	Version 3.7.9

Related CWEs

CWE-264

References (4)

http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0

Source: cve@mitre.org

http://issues.ez.no/6355

Source: cve@mitre.org

http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0

Source: af854a3a-2127-422b-91ae-364da2661108

http://issues.ez.no/6355

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.