← voltar
CVE-2010-2756

CVE-2010-2756

EPSS 2.0%
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=417048https://bugzilla.redhat.com/show_bug.cgi?id=623423http://secunia.com/advisories/40892http://secunia.com/advisories/41128http://www.bugzilla.org/security/3.2.7/http://www.securityfocus.com/bid/42275http://www.vupen.com/english/advisories/2010/2035http://www.vupen.com/english/advisories/2010/2205