Lucene search
Ubuntu.comUB:CVE-2013-0786HistoryFeb 24, 2013 - 12:00 a.m.
CVE-2013-0786
2013-02-2400:00:00
ubuntu.com
ubuntu.com
4
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.1%
The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x
before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error
messages for invalid product queries depending on whether a product exists,
which allows remote attackers to discover private product names by using
debug mode for a query.
Related
prion
prion
Design/Logic Flaw
2013-02-24 11:48:00
cve
cve
CVE-2013-0786
2013-02-24 11:48:00
nessus
nessus
FreeBSD : bugzilla -- multiple vulnerabilities (1c8a039b-7b23-11e2-b17b-20cf30e32f6d)
2013-02-21 00:00:00
Bugzilla < 3.6.13 / 4.0.10 / 4.2.5 / 4.4rc2 Multiple Vulnerabilities
2013-02-25 00:00:00
Mandriva Linux Security Advisory : bugzilla (MDVSA-2013:066)
2013-04-20 00:00:00
openvas
openvas
Bugzilla Information Disclosure and Cross-Site Scripting Vulnerabilities
2013-03-01 00:00:00
Fedora Update for bugzilla FEDORA-2013-2845
2013-03-19 00:00:00
Fedora Update for bugzilla FEDORA-2013-2845
2013-03-19 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2013-02-19 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: bugzilla-4.0.10-1.fc17
2013-03-17 01:07:54
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.1%
Related for UB:CVE-2013-0786