CVE-2005-3139 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-3139
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3139

Description: Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42799 SAID Secunia Advisory: SA17030 CONFIRM http://www.bugzilla.org/security/2.18.4/ BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=112818466125484&w=2 BID 14996

Return to the previous page.