Summary
Bugzilla is prone to an information-disclosure vulnerability.
The issue may allow attackers to obtain potentially sensitive information that may aid in other attacks.
The issue affects the following:
Bugzilla 3.3.2 through 3.4.3 Bugzilla 3.5 through 3.5.1
Solution
Updates are available. Please see the references for details.
References
Severity
Classification
-
CVE CVE-2009-3386 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- AN Guestbook Local File Inclusion Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability