Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-7292
HistoryAug 09, 2011 - 12:00 a.m.

CVE-2008-7292

2011-08-0900:00:00
ubuntu.com
ubuntu.com
7

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3
on Windows does not delete the temporary files associated with uploaded
attachments, which allows local users to obtain sensitive information by
reading these files, a different vulnerability than CVE-2011-2977.

Bugs

Notes

Author Note
mdeslaur looks windows-specific

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%