{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2007-03-10T22:19:00Z",
  "id": "CVE-2007-1406",
  "details": "Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain \"unsafe\" situations, which has unknown impact and remote attack vectors.",
  "references": [
    {
      "type": "WEB",
      "url": "http://trac.edgewall.org/wiki/ChangeLog"
    }
  ]
}