5
CVE-2010-2756
- EPSS 2.05%
- Veröffentlicht 16.08.2010 15:14:12
- Zuletzt bearbeitet 16.06.2026 23:21:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.05% | 0.787 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html
http://secunia.com/advisories/40892
http://secunia.com/advisories/41128
http://www.bugzilla.org/security/3.2.7/
http://www.securityfocus.com/bid/42275
http://www.vupen.com/english/advisories/2010/2035
http://www.vupen.com/english/advisories/2010/2205
https://bugzilla.mozilla.org/show_bug.cgi?id=417048
https://bugzilla.redhat.com/show_bug.cgi?id=623423