CVE-2010-2756: CVE-2010-2756

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-2756

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla Bugzilla 'Search.pm' 权限许可和访问控制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Bugzilla是很多软件项目都在使用的基于Web的BUG跟踪系统。 Bugzilla 2.19.1至3.2.7版本，3.3.1至3.4.7版本，3.5.1至3.6.1版本，以及3.7至3.7.2版本中的Search.pm存在漏洞。正常情况下非特权用户是不允许查看其他用户的组所有权，但布尔表允许用户使用基于组的代词，间接泄露组所有权。远程攻击者可以借助涉及搜索界面，布尔图表和基于组的代词的向量确定任意用户的组成员身份。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-2756

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-2756

Please Login to view more intelligence information

https://bugzilla.redhat.com/show_bug.cgi?id=623423x_refsource_CONFIRM
http://www.bugzilla.org/security/3.2.7/x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=417048x_refsource_CONFIRM
http://secunia.com/advisories/40892third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/42275vdb-entryx_refsource_BID
http://secunia.com/advisories/41128third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/2035vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/2205vdb-entryx_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.htmlvendor-advisoryx_refsource_FEDORA
https://nvd.nist.gov/vuln/detail/CVE-2010-2756

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-2756

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2010-2756

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2010-2756

III. Intelligence Information for CVE-2010-2756

IV. Related Vulnerabilities

V. Comments for CVE-2010-2756

Leave a comment