2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3
on Windows does not delete the temporary files associated with uploaded
attachments, which allows local users to obtain sensitive information by
reading these files, a different vulnerability than CVE-2011-2977.
Author | Note |
---|---|
mdeslaur | looks windows-specific |