PT-2002-1826 · Mozilla · Bugzilla
Published
2002-08-12
·
Updated
2008-09-05
·
CVE-2002-0805
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Bugzilla versions 2.14 through 2.14.1
Bugzilla versions 2.16 before 2.16rc2
Description:
The issue allows local users to modify files and execute code due to world-writable permissions on newly created directories and the params file.
Recommendations:
For Bugzilla versions 2.14 through 2.14.1, update to version 2.14.2 to resolve the issue.
For Bugzilla versions 2.16 before 2.16rc2, update to version 2.16rc2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Bugzilla