Lucene search
MitreCVE-2012-5884HistoryNov 16, 2012 - 12:24 p.m.
CVE-2012-5884
2012-11-1612:24:24
CWE-200
mitre
web.nvd.nist.gov
30
cve
bugzilla
user.get
information disclosure
remote attack
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.003
Percentile
69.3%
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198.
Affected configurations
Node
mozillabugzillaMatch4.3.2
Related
nvd
nvd
CVE-2012-5884
2012-11-16 12:24:24
CVE-2012-4198
2012-11-16 12:24:24
prion
prion
Design/Logic Flaw
2012-11-16 12:24:00
Design/Logic Flaw
2012-11-16 12:24:00
cvelist
cvelist
CVE-2012-5884
2012-11-16 11:00:00
CVE-2012-4198
2012-11-16 11:00:00
ubuntucve
ubuntucve
CVE-2012-5884
2012-11-16 00:00:00
CVE-2012-4198
2012-11-16 00:00:00
seebug
seebug
Bugzilla User.get()çťäżĄćŻćłé˛ćźć´
2012-11-19 00:00:00
cve
cve
CVE-2012-4198
2012-11-16 12:24:24
openvas
openvas
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12
2012-11-18 00:00:00
nessus
nessus
Bugzilla < 3.6.12 / 4.0.9 / 4.2.4 / 4.4rc1 Multiple Vulnerabilities
2012-11-20 00:00:00
FreeBSD : bugzilla -- multiple vulnerabilities (2b841f88-2e8d-11e2-ad21-20cf30e32f6d)
2012-11-19 00:00:00
Mandriva Linux Security Advisory : bugzilla (MDVSA-2013:066)
2013-04-20 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-11-13 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.003
Percentile
69.3%
Related for CVE-2012-5884