3 matches found
CVE-2010-2470
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when usesuexec is enabled, uses world-readable permissions within 1 .bzr/ and 2 data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability...
CVE-2010-2470
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when usesuexec is enabled, uses world-readable permissions within 1 .bzr/ and 2 data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability...
CVE-2010-2470
CVE-2010-2470 affects Bugzilla’s Install/Filesystem.pm in Bugzilla versions 3.5.1–3.6.1 and 3.7–3.7.1 when use_suexec is enabled. It allows local users to read potentially sensitive data due to world-readable permissions inside the directories in question: (.bzr/ and data/webdot/), per the descri...