admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2002/CVE-2002-11xx/CVE-2002-1196.json
cad-safe-bot 60232de4e9 Auto-Update: 2025-04-03T02:02:27.113119+00:00
2025-04-03 02:06:18 +00:00

150 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2002-1196",
"sourceIdentifier": "cve@mitre.org",
"published": "2002-10-28T05:00:00.000",
"lastModified": "2025-04-03T01:03:51.193",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the \"usebuggroups\" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to users via known features of Perl math that set multiple bits."
},
{
"lang": "es",
"value": "editproducts.cgi en Bugzilla 2.14.x anteriores a 2.14.4 y 2.16 anteriores a 2.16.1, cuando la caracter\u00edstica \"usebuggroups\" est\u00e1 activada y se especifican m\u00e1s de 47 grupos, no calcula adecuadamente valores de bits de n\u00fameros grandes, lo que permite permisos extra a usuarios mediante caracter\u00edsticas conocidas de funciones matem\u00e1ticas de Perl que establecen m\u00faltiples bits."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1883A98C-E595-4F3C-87BF-A63393F9F561"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD49E53A-5676-4FAC-A8A2-30FAC04C33D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1084AF8E-5269-4EFF-BBD2-C5A77945FCF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A4B035-B73E-48E9-BBB9-83219F5D2A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F16D338E-C5BC-46E1-95DD-D9B0E25EE56E"
}
]
}
]
}
],
"references": [
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=167485#c12",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=103349804226566&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2002/dsa-173",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.iss.net/security_center/static/10233.php",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/5843",
"source": "cve@mitre.org"
},
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=167485#c12",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://marc.info/?l=bugtraq&m=103349804226566&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.debian.org/security/2002/dsa-173",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.iss.net/security_center/static/10233.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/5843",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink