Lucene search

[email protected]NVD:CVE-2004-1634

HistoryOct 25, 2004 - 4:00 a.m.

CVE-2004-1634

2004-10-2504:00:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information.

Affected configurations

NVD

Node

mozillabugzillaMatch2.4

mozillabugzillaMatch2.6

mozillabugzillaMatch2.8

mozillabugzillaMatch2.10

mozillabugzillaMatch2.12

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.14.2

mozillabugzillaMatch2.14.3

mozillabugzillaMatch2.14.4

mozillabugzillaMatch2.14.5

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16.1

mozillabugzillaMatch2.16.2

mozillabugzillaMatch2.16.3

mozillabugzillaMatch2.16.4

mozillabugzillaMatch2.16.5

mozillabugzillaMatch2.17

mozillabugzillaMatch2.17.1

mozillabugzillaMatch2.17.3

mozillabugzillaMatch2.17.4

mozillabugzillaMatch2.17.5

mozillabugzillaMatch2.17.6

mozillabugzillaMatch2.17.7

mozillabugzillaMatch2.18rc1

mozillabugzillaMatch2.18rc2

References

marc.info/?l=bugtraq&m=109872095201238&w=2

www.securityfocus.com/bid/11511

bugzilla.mozilla.org/show_bug.cgi?id=263780

exchange.xforce.ibmcloud.com/vulnerabilities/17841

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

Related for NVD:CVE-2004-1634

cvelist1 cve1 nessus1