CVE-2012-4199 in BugzillaИнформация

Сводка (Английский)

template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Резервировать

08.08.2012

Раскрытие

16.11.2012

Записи

VulDB provides additional information and datapoints for this CVE:

ИДУязвимостьCWEЭксКонCVE
6938Bugzilla Custom Field раскрытие информации200Не определеноОфициальное исправлениеCVE-2012-4199

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

Источники

ПредыдущийОбзорДалее

Do you need the next level of professionalism?

Upgrade your account now!