2.1 CVE-2011-2977
Patch
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.
https://nvd.nist.gov/vuln/detail/CVE-2011-2977
Categories
CWE-NVD-Other
References
BID
CONFIRM Patch
http://www.bugzilla.org/security/3.4.11/ Vendor Advisory |
https://bugzilla.mozilla.org/show_bug.cgi?id=660502 Patch |
OSVDB
SECUNIA
45501 Vendor Advisory |
XF
CPE
cpe | start | end |
---|---|---|
Configuration 1 | ||
cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:* | ||
Running on/with | ||
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
REMEDIATION
Patch
Url |
---|
https://bugzilla.mozilla.org/show_bug.cgi?id=660502 |
EXPLOITS
Exploit-db.com
id | description | date | |
---|---|---|---|
No known exploits |
Other (github, ...)
Url |
---|
No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
id | description | severity |
---|---|---|
No entry |
MITRE
Sherlock® flash
Take a picture of your computer network in a few clicks !
The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.
