Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-2470

Опубликовано: 28 июн. 2010
Источник: nvd
CVSS2: 1.9
EPSS Низкий

Описание

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.6:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 13%
0.00043
Низкий

1.9 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2010-2470

ubuntu
больше 15 лет назад

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180.

debian логотип

CVE-2010-2470

debian
больше 15 лет назад

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...

github логотип

GHSA-j577-qqg2-fg9j

github
больше 3 лет назад

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180.

EPSS

Процентиль: 13%
0.00043
Низкий

1.9 Low

CVSS2

Дефекты

CWE-264