Summary
Bugzilla is prone to an information-disclosure vulnerability.
Exploits may allow attackers to obtain potentially sensitive information that may aid in other attacks.
This issue affects the following:
Bugzilla 3.3.1 through 3.4.4 Bugzilla 3.5.1 Bugzilla 3.5.2
Solution
Updates are available. Please see the references for details.
References
Severity
Classification
-
CVE CVE-2009-3387 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
- @Mail 'admin.php' Cross-Site Scripting Vulnerabilities
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability