Lucene search

K

MitreCVELIST:CVE-2010-2756

HistoryAug 13, 2010 - 7:00 p.m.

CVE-2010-2756

2010-08-1319:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

89.0%

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.

References

lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html

secunia.com/advisories/40892

secunia.com/advisories/41128

www.bugzilla.org/security/3.2.7/

www.securityfocus.com/bid/42275

www.vupen.com/english/advisories/2010/2035

www.vupen.com/english/advisories/2010/2205

bugzilla.mozilla.org/show_bug.cgi?id=417048

bugzilla.redhat.com/show_bug.cgi?id=623423

6.3 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

89.0%

Related for CVELIST:CVE-2010-2756

nessus6 nvd2 prion2 ubuntucve2 cve2 openvas14 cvelist1 fedora3 freebsd1