Lucene search
HistoryJul 08, 2005 - 4:00 a.m.
CVE-2005-2174
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
46.7%
Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
Affected configurations
Node
mozillabugzillaMatch2.17.1
ORmozillabugzillaMatch2.17.3
ORmozillabugzillaMatch2.17.4
ORmozillabugzillaMatch2.17.5
ORmozillabugzillaMatch2.17.6
ORmozillabugzillaMatch2.17.7
ORmozillabugzillaMatch2.18
ORmozillabugzillaMatch2.18rc1
ORmozillabugzillaMatch2.18rc2
ORmozillabugzillaMatch2.18rc3
ORmozillabugzillaMatch2.18.1
ORmozillabugzillaMatch2.19
ORmozillabugzillaMatch2.19.1
ORmozillabugzillaMatch2.19.2
ORmozillabugzillaMatch2.19.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | bugzilla | 2.17.1 | cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.17.3 | cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.17.4 | cpe:2.3:a:mozilla:bugzilla:2.17.4:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.17.5 | cpe:2.3:a:mozilla:bugzilla:2.17.5:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.17.6 | cpe:2.3:a:mozilla:bugzilla:2.17.6:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.17.7 | cpe:2.3:a:mozilla:bugzilla:2.17.7:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.18 | cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.18 | cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:* |
| mozilla | bugzilla | 2.18 | cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:* |
| mozilla | bugzilla | 2.18 | cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:* |
Related
cve
cve
CVE-2005-2174
2005-07-08 04:00:00
ubuntucve
ubuntucve
CVE-2005-2174
2005-07-08 00:00:00
cvelist
cvelist
CVE-2005-2174
2005-07-08 04:00:00
openvas
openvas
FreeBSD Ports: bugzilla, ja-bugzilla
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200507-12 (bugzilla)
2008-09-24 00:00:00
FreeBSD Ports: bugzilla, ja-bugzilla
2008-09-04 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2005-07-07 00:00:00
nessus
nessus
Bugzilla <= 2.18.1 / 2.19.3 Multiple Vulnerabilities (ID, more)
2005-07-08 00:00:00
GLSA-200507-12 : Bugzilla: Unauthorized access and information disclosure
2005-07-14 00:00:00
gentoo
gentoo
Bugzilla: Unauthorized access and information disclosure
2005-07-13 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0.001
Percentile
46.7%
Related for NVD:CVE-2005-2174