| Secunia ID |
SA38467
|
| CVE-ID |
CVE-2009-3387, CVE-2009-3989
|
| Release Date |
09 Feb 2010
|
| Criticality |
Less Critical
Typically used for cross-site scripting vulnerabilities and privilege escalation vulnerabilities.
This rating is also used for vulnerabilities allowing exposure of sensitive data to local users.
|
| Solution Status |
Vendor Patch
|
| Where |
From remote
"From remote" describes other vulnerabilities where the attack vector doesn't require access to the system or a local network.
This category covers services that are acceptable to expose to the Internet (e.g. HTTP, HTTPS, SMTP). It also covers client applications used on the Internet and certain vulnerabilities where it is reasonable to assume that a security conscious user can be tricked into performing certain actions.
|
| Impact |
Exposure of sensitive information
Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote.
|
| Description |
Fedora has issued an update for bugzilla. This fixes multiple weaknesses, which can lead to the disclosure of sensitive information. For more information:
SA38443
|
| Solution |
Apply updated packages via the yum utility ("yum update bugzilla").
|
| Original Advisory |
FEDORA-2010-1458:
https://admin.fedoraproject.org/updates/F11/FEDORA-2010-1458
|
