mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
82 lines
2.6 KiB
JSON
82 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2005-3138",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain sensitive information such as the list of installed products via the config.cgi file, which is accessible even when the requirelogin parameter is set."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "17030",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/17030/"
|
|
},
|
|
{
|
|
"name": "bugzilla-config-obtain-information(22490)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22490"
|
|
},
|
|
{
|
|
"name": "http://www.bugzilla.org/security/2.18.4/",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.bugzilla.org/security/2.18.4/"
|
|
},
|
|
{
|
|
"name": "20051001 Security Advisory for Bugzilla 2.18.3, 2.20rc2, and 2.21",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://marc.info/?l=bugtraq&m=112818466125484&w=2"
|
|
},
|
|
{
|
|
"name": "14995",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/14995"
|
|
}
|
|
]
|
|
}
|
|
} |