mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-28 17:21:57 +00:00
77 lines
2.5 KiB
JSON
77 lines
2.5 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2012-1969",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x before 3.6.10, 3.7.x and 4.0.x before 4.0.7, 4.1.x and 4.2.x before 4.2.2, and 4.3.x before 4.3.2 does not check whether an attachment is private before presenting the attachment description within a public comment, which allows remote attackers to obtain sensitive description information by reading a comment."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "http://www.bugzilla.org/security/3.6.9/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.bugzilla.org/security/3.6.9/"
|
|
},
|
|
{
|
|
"name": "MDVSA-2013:066",
|
|
"refsource": "MANDRIVA",
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=777586",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=777586"
|
|
},
|
|
{
|
|
"name": "50040",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/50040"
|
|
}
|
|
]
|
|
}
|
|
} |