Lucene search

[email protected]NVD:CVE-2002-0810

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0810

2002-08-1204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.

Affected configurations

Nvd

Node

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16rc1

VendorProductVersionCPE
mozillabugzilla2.14cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
mozillabugzilla2.14.1cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
mozillabugzilla2.16cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
mozillabugzilla2.16cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	bugzilla	2.14	cpe:2.3:a:mozilla:bugzilla:2.14:::::::*
mozilla	bugzilla	2.14.1	cpe:2.3:a:mozilla:bugzilla:2.14.1:::::::*
mozilla	bugzilla	2.16	cpe:2.3:a:mozilla:bugzilla:2.16:::::::*
mozilla	bugzilla	2.16	cpe:2.3:a:mozilla:bugzilla:2.16:rc1::::::

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc

archives.neohapsis.com/archives/bugtraq/2002-06/0054.html

bugzilla.mozilla.org/show_bug.cgi?id=92263

www.iss.net/security_center/static/9306.php

www.osvdb.org/6399

www.redhat.com/support/errata/RHSA-2002-109.html

www.securityfocus.com/bid/4964

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

Related for NVD:CVE-2002-0810

cvelist1 cve1 nessus1