Lucene search

Ubuntu.comUB:CVE-2005-3139

HistoryOct 05, 2005 - 12:00 a.m.

CVE-2005-3139

2005-10-0500:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.3%

JSON

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in
substring mode, allows attackers to list all users whose names match an
arbitrary substring, even when the usevisibilitygroups parameter is set.

References

launchpad.net/bugs/cve/CVE-2005-3139

nvd.nist.gov/vuln/detail/CVE-2005-3139

security-tracker.debian.org/tracker/CVE-2005-3139

www.cve.org/CVERecord?id=CVE-2005-3139

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for UB:CVE-2005-3139

cve1