Lucene search

K

MitreCVELIST:CVE-2010-2757

HistoryAug 13, 2010 - 7:00 p.m.

CVE-2010-2757

2010-08-1319:00:00

mitre

www.cve.org

1

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.7%

The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.

References

lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html

secunia.com/advisories/40892

secunia.com/advisories/41128

www.bugzilla.org/security/3.2.7/

www.securityfocus.com/bid/42275

www.vupen.com/english/advisories/2010/2035

www.vupen.com/english/advisories/2010/2205

bugzilla.mozilla.org/show_bug.cgi?id=450013

bugzilla.redhat.com/show_bug.cgi?id=623423

5.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.7%

Related for CVELIST:CVE-2010-2757

nvd1 cve1 ubuntucve1 prion1 fedora3 openvas10 nessus5 freebsd1