CVE-2010-2756

2010-08-16T00:00:00
ID UB:CVE-2010-2756
Type ubuntucve
Reporter ubuntu.com
Modified 2010-08-16T00:00:00

Description

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.