Bugzilla Group Selection During Bug Move Information Disclosure Vulnerability Network Vulnerability

Summary

Bugzilla is prone to an information-disclosure vulnerability. Exploits may allow attackers to obtain potentially sensitive information that may aid in other attacks. This issue affects the following: Bugzilla 3.3.1 through 3.4.4 Bugzilla 3.5.1 Bugzilla 3.5.2

Solution

Updates are available. Please see the references for details.

References

http://www.bugzilla.org
http://www.bugzilla.org/security/3.0.10/
http://www.securityfocus.com/bid/38026
https://bugzilla.mozilla.org/show_bug.cgi?id=532493

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3387

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache ActiveMQ Multiple Vulnerabilities
AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
Afian 'includer.php' Directory Traversal Vulnerability
Adobe ColdFusion HTTP Response Splitting Vulnerability

Take action and discover your vulnerabilities