CVE-2007-0792

NONECVSS 0.0

0.0

The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remote attackers to obtain the database username and password via a direct request for the localconfig file.

🔗 References (16)

cve@mitrehttp://osvdb.org/35862
cve@mitrehttp://securityreason.com/securityalert/2222
cve@mitrehttp://securitytracker.com/id?1017585
cve@mitrehttp://www.bugzilla.org/security/2.20.3/
cve@mitrehttp://www.securityfocus.com/archive/1/459025/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/22380
cve@mitrehttp://www.vupen.com/english/advisories/2007/0477
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/32252
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/35862
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2222
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017585
af854a3a-2127-422b-91ae-364da2661108http://www.bugzilla.org/security/2.20.3/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/459025/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22380
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0477

Is Your Infrastructure Affected by CVE-2007-0792?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-0792

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-0792?