CVE-2012-4197 in Bugzilla
요약 (영어)
Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
예약하다
2012. 08. 08.
공개
2012. 11. 16.
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 6946 | Bugzilla code-error.html.tmpl 정보 공개 | 200 | 개념 증명 | 공식 수정 | CVE-2012-4197 |