Lucene search

K
cvelistMitreCVELIST:CVE-2009-3989
HistoryFeb 03, 2010 - 7:00 p.m.

CVE-2009-3989

2010-02-0319:00:00
mitre
www.cve.org

6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%

Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote attackers to obtain sensitive information via requests for (1) CVS/, (2) contrib/, (3) docs/en/xml/, (4) t/, or (5) old-params.txt.

6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.5%