CVE-2010-1204

Description

Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search."

Software From Fixed in
mozilla / bugzilla 2.17.1 2.17.1.x
mozilla / bugzilla 2.17.3 2.17.3.x
mozilla / bugzilla 2.17.4 2.17.4.x
mozilla / bugzilla 2.17.5 2.17.5.x
mozilla / bugzilla 2.17.6 2.17.6.x
mozilla / bugzilla 2.17.7 2.17.7.x
mozilla / bugzilla 3.0 3.0.x
mozilla / bugzilla 3.0.1 3.0.1.x
mozilla / bugzilla 3.0.10 3.0.10.x
mozilla / bugzilla 3.0.11 3.0.11.x
mozilla / bugzilla 3.0.2 3.0.2.x
mozilla / bugzilla 3.0.3 3.0.3.x
mozilla / bugzilla 3.0.4 3.0.4.x
mozilla / bugzilla 3.0.5 3.0.5.x
mozilla / bugzilla 3.0.6 3.0.6.x
mozilla / bugzilla 3.0.7 3.0.7.x
mozilla / bugzilla 3.0.8 3.0.8.x
mozilla / bugzilla 3.0.9 3.0.9.x
mozilla / bugzilla 3.1.1 3.1.1.x
mozilla / bugzilla 3.1.2 3.1.2.x
mozilla / bugzilla 3.1.3 3.1.3.x
mozilla / bugzilla 3.1.4 3.1.4.x
mozilla / bugzilla 3.2 3.2.x
mozilla / bugzilla 3.2.1 3.2.1.x
mozilla / bugzilla 3.2.2 3.2.2.x
mozilla / bugzilla 3.2.3 3.2.3.x
mozilla / bugzilla 3.2.4 3.2.4.x
mozilla / bugzilla 3.2.5 3.2.5.x
mozilla / bugzilla 3.2.6 3.2.6.x
mozilla / bugzilla 3.3.1 3.3.1.x
mozilla / bugzilla 3.3.3 3.3.3.x
mozilla / bugzilla 3.3.4 3.3.4.x
mozilla / bugzilla 3.4 3.4.x
mozilla / bugzilla 3.4.1 3.4.1.x
mozilla / bugzilla 3.4.2 3.4.2.x
mozilla / bugzilla 3.4.3 3.4.3.x
mozilla / bugzilla 3.4.4 3.4.4.x
mozilla / bugzilla 3.4.5 3.4.5.x
mozilla / bugzilla 3.4.6 3.4.6.x
mozilla / bugzilla 3.5.1 3.5.1.x
mozilla / bugzilla 3.5.2 3.5.2.x
mozilla / bugzilla 3.5.3 3.5.3.x
mozilla / bugzilla 3.6 3.6.x
mozilla / bugzilla 3.7 3.7.x