CVE-2005-1563

Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products.

Published: May 14, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1563
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / bugzilla	2.16.8	2.16.8.x
mozilla / bugzilla	2.16.1	2.16.1.x
mozilla / bugzilla	2.16.2	2.16.2.x
mozilla / bugzilla	2.10	2.10.x
mozilla / bugzilla	2.16	2.16.x
mozilla / bugzilla	2.16.9	2.16.9.x
mozilla / bugzilla	2.14.2	2.14.2.x
mozilla / bugzilla	2.18.1	2.18.1.x
mozilla / bugzilla	2.14.3	2.14.3.x
mozilla / bugzilla	2.14.4	2.14.4.x
mozilla / bugzilla	2.19.1	2.19.1.x
mozilla / bugzilla	2.16.7	2.16.7.x
mozilla / bugzilla	2.16.4	2.16.4.x
mozilla / bugzilla	2.12	2.12.x
mozilla / bugzilla	2.16.3	2.16.3.x
mozilla / bugzilla	2.14.5	2.14.5.x
mozilla / bugzilla	2.18	2.18.x
mozilla / bugzilla	2.16.6	2.16.6.x
mozilla / bugzilla	2.14.1	2.14.1.x
mozilla / bugzilla	2.16.5	2.16.5.x
mozilla / bugzilla	2.14	2.14.x
mozilla / bugzilla	2.19.2	2.19.2.x
mozilla / bugzilla	2.16.10	2.16.10.x

Vulnerability Database

290,206

CVE-2005-1563