Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-1634
HistoryOct 25, 2004 - 4:00 a.m.

CVE-2004-1634

2004-10-2504:00:00
[email protected]
web.nvd.nist.gov
11

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

64.8%

JSON

show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information.

Affected configurations

Nvd
Node
mozillabugzillaMatch2.4
OR
mozillabugzillaMatch2.6
OR
mozillabugzillaMatch2.8
OR
mozillabugzillaMatch2.10
OR
mozillabugzillaMatch2.12
OR
mozillabugzillaMatch2.14
OR
mozillabugzillaMatch2.14.1
OR
mozillabugzillaMatch2.14.2
OR
mozillabugzillaMatch2.14.3
OR
mozillabugzillaMatch2.14.4
OR
mozillabugzillaMatch2.14.5
OR
mozillabugzillaMatch2.16
OR
mozillabugzillaMatch2.16.1
OR
mozillabugzillaMatch2.16.2
OR
mozillabugzillaMatch2.16.3
OR
mozillabugzillaMatch2.16.4
OR
mozillabugzillaMatch2.16.5
OR
mozillabugzillaMatch2.17
OR
mozillabugzillaMatch2.17.1
OR
mozillabugzillaMatch2.17.3
OR
mozillabugzillaMatch2.17.4
OR
mozillabugzillaMatch2.17.5
OR
mozillabugzillaMatch2.17.6
OR
mozillabugzillaMatch2.17.7
OR
mozillabugzillaMatch2.18rc1
OR
mozillabugzillaMatch2.18rc2
VendorProductVersionCPE
mozillabugzilla2.4cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*
mozillabugzilla2.6cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*
mozillabugzilla2.8cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*
mozillabugzilla2.10cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
mozillabugzilla2.12cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
mozillabugzilla2.14cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
mozillabugzilla2.14.1cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
mozillabugzilla2.14.2cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
mozillabugzilla2.14.3cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
mozillabugzilla2.14.4cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 261

Related

cvelist 1
cve 1
nessus 1
cvelist
cvelist
CVE-2004-1634
2005-02-20 05:00:00
cve
cve
CVE-2004-1634
2005-02-20 05:00:00
nessus
nessus
Bugzilla < 2.16.7 / 2.18.0rc3 Multiple Information Disclosures
2004-10-25 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

64.8%

JSON
Related for NVD:CVE-2004-1634
cvelist1cve1nessus1