Lucene search
Ubuntu.comUB:CVE-2009-3989HistoryFeb 03, 2010 - 12:00 a.m.
CVE-2009-3989
2010-02-0300:00:00
ubuntu.com
ubuntu.com
14
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x
before 3.5.3 does not block access to files and directories that are used
by custom installations, which allows remote attackers to obtain sensitive
information via requests for (1) CVS/, (2) contrib/, (3) docs/en/xml/, (4)
t/, or (5) old-params.txt.
Bugs
Related
prion
prion
Code injection
2010-02-03 19:30:00
openvas
openvas
Bugzilla Directory Access Information Disclosure Vulnerability
2010-02-02 00:00:00
Bugzilla Directory Access Information Disclosure Vulnerability
2010-02-02 00:00:00
Fedora Update for bugzilla FEDORA-2010-10398
2010-07-06 00:00:00
nessus
nessus
Bugzilla Directory Access Information Disclosure
2010-02-10 00:00:00
Fedora 11 : bugzilla-3.2.6-2.fc11 (2010-1458)
2010-07-01 00:00:00
Fedora 12 : bugzilla-3.4.8-1.fc12 (2010-13072)
2010-08-29 00:00:00
cve
cve
CVE-2009-3989
2010-02-03 19:30:00
securityvulns
securityvulns
Security Advisory for Bugzilla 3.0.10, 3.2.5, 3.4.4, and 3.5.2
2010-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: bugzilla-3.4.7-1.fc12
2010-07-05 22:01:52
[SECURITY] Fedora 11 Update: bugzilla-3.2.6-2.fc11
2010-02-09 05:10:39
[SECURITY] Fedora 12 Update: bugzilla-3.4.9-1.fc12
2010-11-14 21:31:53
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2010-06-04 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Related for UB:CVE-2009-3989