Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2012-1968
HistoryJul 30, 2012 - 1:55 p.m.

CVE-2012-1968

2012-07-3013:55:10
CWE-264
mitre
web.nvd.nist.gov
33
bugzilla
cve-2012-1968
security vulnerability
html bugmail
remote attack

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON

Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 uses bug-editor privileges instead of bugmail-recipient privileges during construction of HTML bugmail documents, which allows remote attackers to obtain sensitive description information by reading the tooltip portions of an HTML e-mail message.

Affected configurations

Nvd
Node
mozillabugzillaMatch4.1
OR
mozillabugzillaMatch4.1.1
OR
mozillabugzillaMatch4.1.2
OR
mozillabugzillaMatch4.1.3
OR
mozillabugzillaMatch4.2
OR
mozillabugzillaMatch4.2rc1
OR
mozillabugzillaMatch4.2rc2
OR
mozillabugzillaMatch4.2.1
OR
mozillabugzillaMatch4.3
OR
mozillabugzillaMatch4.3.1
VendorProductVersionCPE
mozillabugzilla4.1cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*
mozillabugzilla4.1.1cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*
mozillabugzilla4.1.2cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*
mozillabugzilla4.1.3cpe:2.3:a:mozilla:bugzilla:4.1.3:*:*:*:*:*:*:*
mozillabugzilla4.2cpe:2.3:a:mozilla:bugzilla:4.2:*:*:*:*:*:*:*
mozillabugzilla4.2cpe:2.3:a:mozilla:bugzilla:4.2:rc1:*:*:*:*:*:*
mozillabugzilla4.2cpe:2.3:a:mozilla:bugzilla:4.2:rc2:*:*:*:*:*:*
mozillabugzilla4.2.1cpe:2.3:a:mozilla:bugzilla:4.2.1:*:*:*:*:*:*:*
mozillabugzilla4.3cpe:2.3:a:mozilla:bugzilla:4.3:*:*:*:*:*:*:*
mozillabugzilla4.3.1cpe:2.3:a:mozilla:bugzilla:4.3.1:*:*:*:*:*:*:*

Related

prion 1
nvd 1
ubuntucve 1
cvelist 1
openvas 2
nessus 2
freebsd 1
securityvulns 1
prion
prion
Design/Logic Flaw
2012-07-30 13:55:00
nvd
nvd
CVE-2012-1968
2012-07-30 13:55:10
ubuntucve
ubuntucve
CVE-2012-1968
2012-07-30 00:00:00
cvelist
cvelist
CVE-2012-1968
2012-07-28 18:00:00
openvas
openvas
FreeBSD Ports: bugzilla
2012-08-10 00:00:00
FreeBSD Ports: bugzilla
2012-08-10 00:00:00
nessus
nessus
FreeBSD : bugzilla -- multiple vulnerabilities (58253655-d82c-11e1-907c-20cf30e32f6d)
2012-07-30 00:00:00
Bugzilla < 3.6.10 / 4.0.7 / 4.2.2 / 4.3.2 Multiple Information Disclosures
2012-08-23 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-07-26 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10
2012-09-03 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

61.4%

JSON
Related for CVE-2012-1968
prion1nvd1ubuntucve1cvelist1openvas2nessus2freebsd1securityvulns1