Bugzilla is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain potentially sensitive information that may aid in other attacks. Bugzilla 3.7 and 3.7.1 are vulnerable.

Updates are available. Please see the references for more information.

• http://www.bugzilla.org
• http://www.bugzilla.org/security/3.7.1/
• https://bugzilla.mozilla.org/show_bug.cgi?id=574892
• https://www.securityfocus.com/bid/41397

---

Updated on 2015-03-25