CVE-2002-0803 — Mozilla Bugzilla vulnerability

5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

1.4%

top 19.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Bugzilla

Timeline

PublishedAug 12

Latest updateMay 3

Description

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmozilla/bugzilla2.14, 2.14.1, 2.16+2

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-m5hx-rq87-ggxp: Bugzilla 2↗2022-05-03

▶

CVEList

CVE-2002-0803: Bugzilla 2↗2002-07-31

▶

📋Vendor Advisories

Red Hat

security flaw↗2002-06-08

▶

💬Community

Bugzilla

CVE-2002-0803 security flaw↗2018-08-16

▶