Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-3387

Опубликовано: 03 фев. 2010
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 70%
0.00651
Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu
больше 15 лет назад

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

redhat
почти 20 лет назад

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

debian
больше 15 лет назад

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group re ...

github
больше 3 лет назад

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

EPSS

Процентиль: 70%
0.00651
Низкий

5 Medium

CVSS2

Дефекты

CWE-264