Lucene search

K

MitreCVELIST:CVE-2010-2757

HistoryAug 13, 2010 - 7:00 p.m.

CVE-2010-2757

2010-08-1319:00:00

mitre

www.cve.org

5

AI Score

5.9

Confidence

Low

EPSS

0.003

Percentile

65.7%

The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.

References

lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html

lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html

secunia.com/advisories/40892

secunia.com/advisories/41128

www.bugzilla.org/security/3.2.7/

www.securityfocus.com/bid/42275

www.vupen.com/english/advisories/2010/2035

www.vupen.com/english/advisories/2010/2205

bugzilla.mozilla.org/show_bug.cgi?id=450013

bugzilla.redhat.com/show_bug.cgi?id=623423

AI Score

5.9

Confidence

Low

EPSS

0.003

Percentile

65.7%

Related for CVELIST:CVE-2010-2757

prion1 cve1 nvd1 ubuntucve1 fedora3 openvas10 freebsd1 nessus5