← volver
CVE-2012-4197

CVE-2012-4197

EPSS 1.5%
Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=802204https://exchange.xforce.ibmcloud.com/vulnerabilities/80032http://www.bugzilla.org/security/3.6.11/http://www.mandriva.com/security/advisories?name=MDVSA-2013:066