Home

CVE-2016-1242

Description

file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.

Risk Information

Base Score
4.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.162

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond 3.2.17Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond 3.4.14Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond 3.6.12Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond 3.8.8Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond 4.0.4Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-tryton 3.2.17Windows
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond for linux 3.2.17Linux
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond for linux 3.4.14Linux
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond for linux 3.6.12Linux
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond for linux 3.8.8Linux
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-trytond for linux 4.0.4Linux
Vulnerabilities CVE-2016-1241,CVE-2016-1242 are fixed in Python-tryton for linux 3.2.17Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234