mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
189 lines
6.4 KiB
JSON
189 lines
6.4 KiB
JSON
{
|
|
"id": "CVE-2011-2977",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2011-08-09T19:55:01.607",
|
|
"lastModified": "2017-08-29T01:29:53.537",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Bugzilla 3.6.x anteriores a la vers\u00f3n 3.6.6, 3.7.x, 4.0.x anteriores a 4.0.2 y 4.1.x anteriores a 4.1.3 en Windows no borra los archivos temporales asociados a adjuntos subidos, lo que permite a usuarios locales obtener informaci\u00f3n confidencial leyendo estos archivos. NOTA: este problema existe debido a una regresi\u00f3n en la versi\u00f3n 3.6."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.1
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4A1AD503-7F78-4597-AECD-6DC530AD4D3C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCAD5285-E485-4F49-99CF-287545260FDD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5C193DF3-8D23-44A9-94DE-9F4F7358ED3F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80BA8C84-32C3-4ECF-B4C7-573B12441D22"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "820EC9F1-B66C-43CE-B254-145F4AC23083"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C4BDA6DC-8D53-417D-8320-CE266F8607B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2757B2A7-5232-4245-9CC6-91BF9E3ECA09"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "740ADCB7-B296-4728-A73A-9691265B8F07"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6187C92D-FEE9-4B1B-B7ED-9A1DD360B204"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71213AF6-48CC-469F-9FBA-CAF1D3237657"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DABC1683-0E04-456E-9500-68D0D35815E6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38D71912-DCD6-44BB-8A86-72D207B49E58"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5A8816A-84EE-44B0-AD3B-5C9BC9B3E71E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A367BFF0-397D-416F-960C-602E8B66421A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "85CDC579-6967-4E5C-B716-B2BC04F6DBF2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "27783033-F558-427C-89A7-C3638C57F2A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E91557C7-8C53-49C4-8BC5-7F86D4AA09B8"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.bugzilla.org/security/3.4.11/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/49042",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=660502",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69037",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |