Vulnerability CVE-2011-2977 - CERT Civis.Net

Vulnerability Name:

CVE-2011-2977 (CCN-69037)

Assigned:

2011-08-04

Published:

2011-08-04

Updated:

2017-08-29

Summary:

Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files.
Note: this issue exists because of a regression in 3.6.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2011-2977

Source: CCN
Type: SA45501
Bugzilla Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
45501

Source: CCN
Type: Bugzilla Web site
4.1.2, 4.0.1, 3.6.5, and 3.4.11 Security Advisory

Source: CONFIRM
Type: Vendor Advisory
http://www.bugzilla.org/security/3.4.11/

Source: OSVDB
Type: UNKNOWN
74302

Source: CCN
Type: OSVDB ID: 74302
Bugzilla Temporary Attachment File Local Disclosure

Source: CCN
Type: OSVDB ID: 74525
Bugzilla on Windows Uploaded Attachment Temporary File Local Information Disclosure

Source: BID
Type: UNKNOWN
49042

Source: CCN
Type: BID-49042
Bugzilla Multiple Security Vulnerabilities

Source: CONFIRM
Type: Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=660502

Source: XF
Type: UNKNOWN
bugzilla-attachments-info-disc(69037)

Source: XF
Type: UNKNOWN
bugzilla-attachments-info-disc(69037)

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0:rc2:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.7.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:3.6.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:bugzilla:4.0:rc1:*:*:*:*:*:*

Denotes that component is vulnerable