2 matches found
CVE-2003-1046
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products...
CVE-2003-1046
The CVE-2003-1046 entry concerns Bugzilla versions 2.17.3 and 2.17.4. Describecomponents.cgi fails to properly verify group membership when bug entry groups are used, allowing remote attackers to list component descriptions for products that should be restricted. The core issue is an insufficient...