CVE Vulnerabilities

CVE-2002-0805

Published: Aug 12, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.

Affected Software

Name Vendor Start Version End Version
Bugzilla Mozilla 2.14 (including) 2.14 (including)
Bugzilla Mozilla 2.14.1 (including) 2.14.1 (including)
Bugzilla Mozilla 2.16 (including) 2.16 (including)
Bugzilla Mozilla 2.16-rc1 (including) 2.16-rc1 (including)
Red Hat Powertools 7.0 RedHat *
Red Hat Powertools 7.1 RedHat *

References