CVE-2001-0330

Published: Jun 27, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed.

Affected (4)

Products: Mozilla: Bugzilla

Mozilla

1 product

Bugzilla

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Bugzilla	Version 2.10
Mozilla Bugzilla	Version 2.4
Mozilla Bugzilla	Version 2.6
Mozilla Bugzilla	Version 2.8

References (6)

http://www.atstake.com/research/advisories/2001/a043001-1.txt

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/2671

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6489

Source: cve@mitre.org

http://www.atstake.com/research/advisories/2001/a043001-1.txt

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/2671

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6489

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.