Lucene search
Ubuntu.comUB:CVE-2012-5884HistoryNov 16, 2012 - 12:00 a.m.
CVE-2012-5884
2012-11-1600:00:00
ubuntu.com
ubuntu.com
18
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
69.3%
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows
remote attackers to obtain sensitive information about the saved searches
of arbitrary users via an XMLRPC request or a JSONRPC request, a different
vulnerability than CVE-2012-4198.
Notes
| Author | Note |
|---|---|
| mdeslaur | only bugzilla 4.x |
Related
nvd
nvd
CVE-2012-5884
2012-11-16 12:24:24
CVE-2012-4198
2012-11-16 12:24:24
cve
cve
CVE-2012-5884
2012-11-16 12:24:24
CVE-2012-4198
2012-11-16 12:24:24
prion
prion
Design/Logic Flaw
2012-11-16 12:24:00
Design/Logic Flaw
2012-11-16 12:24:00
cvelist
cvelist
CVE-2012-5884
2012-11-16 11:00:00
CVE-2012-4198
2012-11-16 11:00:00
ubuntucve
ubuntucve
CVE-2012-4198
2012-11-16 00:00:00
seebug
seebug
Bugzilla User.get()çťäżĄćŻćłé˛ćźć´
2012-11-19 00:00:00
openvas
openvas
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
FreeBSD Ports: bugzilla
2012-11-26 00:00:00
securityvulns
securityvulns
Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12
2012-11-18 00:00:00
nessus
nessus
Bugzilla < 3.6.12 / 4.0.9 / 4.2.4 / 4.4rc1 Multiple Vulnerabilities
2012-11-20 00:00:00
FreeBSD : bugzilla -- multiple vulnerabilities (2b841f88-2e8d-11e2-ad21-20cf30e32f6d)
2012-11-19 00:00:00
Mandriva Linux Security Advisory : bugzilla (MDVSA-2013:066)
2013-04-20 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2012-11-13 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
69.3%
Related for UB:CVE-2012-5884