Spectra Container Editor Preview Object Security Vulnerability
BID:1181
Info
Spectra Container Editor Preview Object Security Vulnerability
| Bugtraq ID: | 1181 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 24 2000 12:00AM |
| Updated: | Apr 24 2000 12:00AM |
| Credit: | Publicized by Allaire in an Allaire Security Bulletin (ASB00-10) on April 24, 2000. |
| Vulnerable: |
Allaire Spectra 1.0.1 Allaire Spectra 1.0 |
| Not Vulnerable: | |
Discussion
Spectra Container Editor Preview Object Security Vulnerability
The container editor tool in Spectra, allows any user to access an object whether or not they have the proper permissions. Once a user calls for a specific object, they are able to view the object within the container editor preview tab.
The container editor tool in Spectra, allows any user to access an object whether or not they have the proper permissions. Once a user calls for a specific object, they are able to view the object within the container editor preview tab.
Exploit / POC
Spectra Container Editor Preview Object Security Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Spectra Container Editor Preview Object Security Vulnerability
Solution:
Allaire has released a patch which rectifies this issue:
http://download.allaire.com/patches/ASB00-10fix.zip
Solution:
Allaire has released a patch which rectifies this issue:
http://download.allaire.com/patches/ASB00-10fix.zip
References
Spectra Container Editor Preview Object Security Vulnerability
References:
References: