CVE-2002-1111

Published: Oct 4, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.

Affected (6)

Products: Mantis: Mantis

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Mantis Mantis	Version 0.16.0
Mantis Mantis	Version 0.16.1
Mantis Mantis	Version 0.17.0
Mantis Mantis	Version 0.17.1
Mantis Mantis	Version 0.17.2
Mantis Mantis	Version 0.17.3

Related CWEs

References (10)

http://mantisbt.sourceforge.net/advisories/2002/2002-02.txt

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=102978873620491&w=2

Source: cve@mitre.org

http://www.debian.org/security/2002/dsa-153

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/5515

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/9898

Source: cve@mitre.org

http://mantisbt.sourceforge.net/advisories/2002/2002-02.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=102978873620491&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2002/dsa-153

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/5515

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/9898

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.