Lucene search

[email protected]NVD:CVE-2003-1044

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2003-1044

2004-08-1804:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

Affected configurations

NVD

Node

mozillabugzillaMatch2.4

mozillabugzillaMatch2.6

mozillabugzillaMatch2.8

mozillabugzillaMatch2.10

mozillabugzillaMatch2.12

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.14.2

mozillabugzillaMatch2.14.3

mozillabugzillaMatch2.14.4

mozillabugzillaMatch2.14.5

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16.1

mozillabugzillaMatch2.16.2

mozillabugzillaMatch2.16.3

mozillabugzillaMatch2.17.1

mozillabugzillaMatch2.17.3

mozillabugzillaMatch2.17.4

References

bugzilla.mozilla.org/show_bug.cgi?id=219690

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000774

www.securityfocus.com/archive/1/343185

www.securityfocus.com/bid/8953

exchange.xforce.ibmcloud.com/vulnerabilities/13597

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for NVD:CVE-2003-1044

cve1 cvelist1 nessus1