Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2005-3139

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.

  • Published: Oct 5, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2005-3139
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / bugzilla 2.19.3 2.19.3.x
mozilla / bugzilla 2.20-rc2 2.20-rc2.x
mozilla / bugzilla 2.20-rc1 2.20-rc1.x
mozilla / bugzilla 2.19.1 2.19.1.x
mozilla / bugzilla 2.21 2.21.x
mozilla / bugzilla 2.19.2 2.19.2.x