Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2003-0013

Опубликовано: 17 янв. 2003
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01108
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

debian логотип

CVE-2003-0013

debian
почти 23 года назад

The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16. ...

github логотип

GHSA-q9qc-9wgg-p28f

github
больше 3 лет назад

The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.

EPSS

Процентиль: 77%
0.01108
Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other