Lucene search
HistoryNov 16, 2012 - 12:24 p.m.
CVE-2012-4197
cve-2012-4197
bugzilla
attachment.pm
attachment.cgi
unauthorized access
security vulnerability
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
72.6%
Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.
Related
prion
prion
Deserialization of untrusted data
2012-11-16 12:24:00
ubuntucve
ubuntucve
CVE-2012-4197
2012-11-16 00:00:00
openvas
openvas
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
nessus
nessus
Bugzilla < 3.6.12 / 4.0.9 / 4.2.4 / 4.4rc1 Multiple Vulnerabilities
2012-11-20 00:00:00
FreeBSD : bugzilla -- multiple vulnerabilities (2b841f88-2e8d-11e2-ad21-20cf30e32f6d)
2012-11-19 00:00:00
Mandriva Linux Security Advisory : bugzilla (MDVSA-2013:066)
2013-04-20 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12
2012-11-18 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-11-13 00:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
72.6%
Related for CVE-2012-4197