CVE-2006-6515

Published: Dec 14, 2006Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders.

Affected (16)

Products: Mantis: Mantis

Mantis

1 product

Mantis

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Mantis Mantis	Up to 1.1.0a1
Mantis Mantis	Version 1.0.0
Mantis Mantis	Version 1.0.0_rc1
Mantis Mantis	Version 1.0.0_rc2
Mantis Mantis	Version 1.0.0_rc3
Mantis Mantis	Version 1.0.0_rc4
Mantis Mantis	Version 1.0.0_rc5
Mantis Mantis	Version 1.0.0a1
Mantis Mantis	Version 1.0.0a2
Mantis Mantis	Version 1.0.0a3
Mantis Mantis	Version 1.0.1
Mantis Mantis	Version 1.0.2
Mantis Mantis	Version 1.0.3
Mantis Mantis	Version 1.0.4
Mantis Mantis	Version 1.0.5
Mantis Mantis	Version 1.0.6

References (4)

http://sourceforge.net/project/shownotes.php?release_id=469627

Source: cve@mitre.org

Patch

http://www.mantisbugtracker.com/changelog.php

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=469627

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.mantisbugtracker.com/changelog.php

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.