Executive Summary
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary
Informations | |||
---|---|---|---|
Name | CVE-2010-1204 | First vendor Publication | 2010-06-28 |
Vendor | Cve | Last vendor Modification | 2010-06-28 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1204 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-02-04 | Name : Fedora Update for bugzilla FEDORA-2011-0755 File : nvt/gb_fedora_2011_0755_bugzilla_fc13.nasl |
2010-11-16 | Name : Fedora Update for bugzilla FEDORA-2010-17235 File : nvt/gb_fedora_2010_17235_bugzilla_fc12.nasl |
2010-11-16 | Name : Fedora Update for bugzilla FEDORA-2010-17280 File : nvt/gb_fedora_2010_17280_bugzilla_fc13.nasl |
2010-08-30 | Name : Fedora Update for bugzilla FEDORA-2010-13072 File : nvt/gb_fedora_2010_13072_bugzilla_fc12.nasl |
2010-08-30 | Name : Fedora Update for bugzilla FEDORA-2010-13086 File : nvt/gb_fedora_2010_13086_bugzilla_fc13.nasl |
2010-07-22 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla10.nasl |
2010-07-12 | Name : Fedora Update for bugzilla FEDORA-2010-10669 File : nvt/gb_fedora_2010_10669_bugzilla_fc13.nasl |
2010-07-06 | Name : Bugzilla 'time-tracking' Information Disclosure Vulnerability File : nvt/gb_bugzilla_41141.nasl |
2010-07-06 | Name : Fedora Update for bugzilla FEDORA-2010-10398 File : nvt/gb_fedora_2010_10398_bugzilla_fc12.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65878 | Bugzilla Search.pm Boolean Chart Search Crafted URL Time-tracking Remote Info... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13072.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-13086.nasl - Type : ACT_GATHER_INFO |
2010-07-08 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10669.nasl - Type : ACT_GATHER_INFO |
2010-07-06 | Name : The remote Fedora host is missing a security update. File : fedora_2010-10398.nasl - Type : ACT_GATHER_INFO |
2010-07-06 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_f1331504884911df89b800151735203a.nasl - Type : ACT_GATHER_INFO |
2010-06-30 | Name : A CGI hosted on the remote web server is affected by an information disclosur... File : bugzilla_timetracking_info_disclosure.nasl - Type : ACT_ATTACK |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2019-05-10 12:03:14 |
|
2016-04-26 19:42:19 |
|
2014-02-17 10:54:32 |
|
2013-05-10 23:21:35 |
|