CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
71.8%
The remote web server is hosting Bugzilla, a web-based bug tracking application.
Versions of Bugzilla earlier than 3.2.7, 3.4.x earlier than 3.4.7, and 3.6.x earlier than 3.6.1 are potentially affected by multiple vulnerabilities :
It is possible to determine time-tracking information for bugs through specially crafted search URLs. (CVE-2010-1204)
If ‘$use_suexec’ is set to ‘1’ in the localconfig file, the localconfig file’s permissions were set as world-readable by checksetup.pl. (CVE-2010-0180)
Binary data 5585.prm