CVE-2001-0330

Sažetak

Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.

Reference

http://www.atstake.com/research/advisories/2001/a043001-1.txt
http://www.securityfocus.com/bid/2671
https://exchange.xforce.ibmcloud.com/vulnerabilities/6489

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-10-2017 - 01:29

Objavljeno

27-06-2001 - 04:00