← volver
CVE-2010-2756

CVE-2010-2756

EPSS 2.0%
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=417048https://bugzilla.redhat.com/show_bug.cgi?id=623423http://secunia.com/advisories/40892http://secunia.com/advisories/41128http://www.bugzilla.org/security/3.2.7/http://www.securityfocus.com/bid/42275http://www.vupen.com/english/advisories/2010/2035http://www.vupen.com/english/advisories/2010/2205