Lucene search

[email protected]CVE-2002-0808

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0808

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

bugzilla

cve-2002-0808

security

groupset permissions

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.

Affected configurations

NVD

Node

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16rc1

CPENameOperatorVersion
mozilla:bugzillamozilla bugzillaeq2.14
mozilla:bugzillamozilla bugzillaeq2.14.1
mozilla:bugzillamozilla bugzillaeq2.16

CPE	Name	Operator	Version
mozilla:bugzilla	mozilla bugzilla	eq	2.14
mozilla:bugzilla	mozilla bugzilla	eq	2.14.1
mozilla:bugzilla	mozilla bugzilla	eq	2.16

References

archives.neohapsis.com/archives/bugtraq/2002-06/0054.html

bugzilla.mozilla.org/show_bug.cgi?id=107718

www.iss.net/security_center/static/9305.php

www.redhat.com/support/errata/RHSA-2002-109.html

www.securityfocus.com/bid/4964

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for CVE-2002-0808

cvelist1 nvd1 nessus1