Lucene search

K

MitreCVELIST:CVE-2010-2756

HistoryAug 13, 2010 - 7:00 p.m.

CVE-2010-2756

2010-08-1319:00:00

mitre

www.cve.org

7

AI Score

6.3

Confidence

Low

EPSS

0.02

Percentile

89.0%

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.

References

lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html

secunia.com/advisories/40892

secunia.com/advisories/41128

www.bugzilla.org/security/3.2.7/

www.securityfocus.com/bid/42275

www.vupen.com/english/advisories/2010/2035

www.vupen.com/english/advisories/2010/2205

bugzilla.mozilla.org/show_bug.cgi?id=417048

bugzilla.redhat.com/show_bug.cgi?id=623423

AI Score

6.3

Confidence

Low

EPSS

0.02

Percentile

89.0%

Related for CVELIST:CVE-2010-2756

prion2 nessus6 nvd2 ubuntucve2 openvas14 cve2 cvelist1 fedora3 freebsd1