CVE-2002-0805

Medium

4.6/10

Summary

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Aug 12, 2002

CVE-2002-0805

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS