viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.Referenceshttps://security-tracker.debian.org/tracker/CVE-2007-5743https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416696
