Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1563

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1563
Last Modified 07 Mar 2011 09:22:11
Published 14 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1563

Summary

Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products.

Vulnerable Systems

Application

  • Mozilla Bugzilla 2.10

  • Mozilla Bugzilla 2.12

  • Mozilla Bugzilla 2.14

  • Mozilla Bugzilla 2.14.1

  • Mozilla Bugzilla 2.14.2

  • Mozilla Bugzilla 2.14.3

  • Mozilla Bugzilla 2.14.4

  • Mozilla Bugzilla 2.14.5

  • Mozilla Bugzilla 2.16

  • Mozilla Bugzilla 2.16.1

  • Mozilla Bugzilla 2.16.10

  • Mozilla Bugzilla 2.16.2

  • Mozilla Bugzilla 2.16.3

  • Mozilla Bugzilla 2.16.4

  • Mozilla Bugzilla 2.16.5

  • Mozilla Bugzilla 2.16.6

  • Mozilla Bugzilla 2.16.7

  • Mozilla Bugzilla 2.16.8

  • Mozilla Bugzilla 2.16.9

  • Mozilla Bugzilla 2.18

  • Mozilla Bugzilla 2.18.1

  • Mozilla Bugzilla 2.19.1

  • Mozilla Bugzilla 2.19.2


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=287109

OSVDB - 16425

CONFIRM - http://www.bugzilla.org/security/2.16.8/

SECUNIA - 15338

BUGTRAQ - 20050512 Security Advisory for Bugzilla 2.18, 2.19.2, and 2.16.8

VUPEN - ADV-2005-0533

BID - 13606

CONECTIVA - CLSA-2005:1040


Last Updated: 27 May 2016 10:40:12