Lucene search

MitreCVE-2005-1565

HistoryMay 14, 2005 - 4:00 a.m.

CVE-2005-1565

2005-05-1404:00:00

mitre

web.nvd.nist.gov

bugzilla

vulnerability

sensitive information

url

password

disclosure

cve-2005-1565

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

71.5%

JSON

Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is prompted to log in while attempting to view a chart, displays the password in the URL, which may allow local users to gain sensitive information from web logs or browser history.

Affected configurations

Nvd

Node

mozillabugzillaMatch2.10

mozillabugzillaMatch2.12

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.14.2

mozillabugzillaMatch2.14.3

mozillabugzillaMatch2.14.4

mozillabugzillaMatch2.14.5

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16.1

mozillabugzillaMatch2.16.2

mozillabugzillaMatch2.16.3

mozillabugzillaMatch2.16.4

mozillabugzillaMatch2.16.5

mozillabugzillaMatch2.17

mozillabugzillaMatch2.17.1

mozillabugzillaMatch2.17.3

mozillabugzillaMatch2.17.4

mozillabugzillaMatch2.17.5

mozillabugzillaMatch2.17.6

mozillabugzillaMatch2.17.7

mozillabugzillaMatch2.18rc1

mozillabugzillaMatch2.18rc2

mozillabugzillaMatch2.19.1

mozillabugzillaMatch2.19.2

VendorProductVersionCPE
mozillabugzilla2.10cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
mozillabugzilla2.12cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
mozillabugzilla2.14cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
mozillabugzilla2.14.1cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
mozillabugzilla2.14.2cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
mozillabugzilla2.14.3cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
mozillabugzilla2.14.4cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
mozillabugzilla2.14.5cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*
mozillabugzilla2.16cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
mozillabugzilla2.16.1cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	bugzilla	2.10	cpe:2.3:a:mozilla:bugzilla:2.10:::::::*
mozilla	bugzilla	2.12	cpe:2.3:a:mozilla:bugzilla:2.12:::::::*
mozilla	bugzilla	2.14	cpe:2.3:a:mozilla:bugzilla:2.14:::::::*
mozilla	bugzilla	2.14.1	cpe:2.3:a:mozilla:bugzilla:2.14.1:::::::*
mozilla	bugzilla	2.14.2	cpe:2.3:a:mozilla:bugzilla:2.14.2:::::::*
mozilla	bugzilla	2.14.3	cpe:2.3:a:mozilla:bugzilla:2.14.3:::::::*
mozilla	bugzilla	2.14.4	cpe:2.3:a:mozilla:bugzilla:2.14.4:::::::*
mozilla	bugzilla	2.14.5	cpe:2.3:a:mozilla:bugzilla:2.14.5:::::::*
mozilla	bugzilla	2.16	cpe:2.3:a:mozilla:bugzilla:2.16:::::::*
mozilla	bugzilla	2.16.1	cpe:2.3:a:mozilla:bugzilla:2.16.1:::::::*

Rows per page:

1-10 of 251

References

distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001040

marc.info/?l=bugtraq&m=111592031902962&w=2

secunia.com/advisories/15338

www.osvdb.org/16427

www.securityfocus.com/bid/13605

www.vupen.com/english/advisories/2005/0533

bugzilla.mozilla.org/show_bug.cgi?id=287436

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

71.5%

JSON

Related for CVE-2005-1565