CVE-2009-3989

NONECVSS 0.0

0.0

Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and 3.5.x before 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote attackers to obtain sensitive information via requests for (1) CVS/, (2) contrib/, (3) docs/en/xml/, (4) t/, or (5) old-params.txt.

🔗 References (14)

cve@mitrehttp://secunia.com/advisories/38443
cve@mitrehttp://www.securityfocus.com/archive/1/509282/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/38025
cve@mitrehttp://www.vupen.com/english/advisories/2010/0261
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=314871
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=434801
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/56003
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38443
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/509282/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38025
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0261
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=314871
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=434801
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56003

Is Your Infrastructure Affected by CVE-2009-3989?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3989

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3989?