Back to search
CVE-2010-2756
Published: Aug 13, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2010-2035
vdb-entry
x_refsource_VUPEN
FEDORA-2010-13072
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-13171
vendor-advisory
x_refsource_FEDORA
40892
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=623423
x_refsource_CONFIRM
FEDORA-2010-13086
vendor-advisory
x_refsource_FEDORA
42275
vdb-entry
x_refsource_BID
https://bugzilla.mozilla.org/show_bug.cgi?id=417048
x_refsource_CONFIRM
http://www.bugzilla.org/security/3.2.7/
x_refsource_CONFIRM
41128
third-party-advisory
x_refsource_SECUNIA
ADV-2010-2205
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now