Home > Vulnerability Database > CVE-2006-5454

Mend.io Vulnerability Database

CVE-2006-5454

Date: October 23, 2006

Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the bug in show_bug.cgi.

Severity Score

5.3

Related Resources (16)

Url: http://security.gentoo.org/glsa/glsa-200611-04.xml

Url: http://www.vupen.com/english/advisories/2006/4035

Url: http://secunia.com/advisories/22409

Url: http://www.securityfocus.com/bid/20538

Url: http://www.bugzilla.org/security/2.18.5/

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-5454

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=346086

Url: http://securityreason.com/securityalert/1760

Url: http://securitytracker.com/id?1017064

Url: http://www.securityfocus.com/archive/1/448777/100/100/threaded

Url: http://www.osvdb.org/29547

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=346564

Url: http://www.osvdb.org/29546

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-5454

Url: http://secunia.com/advisories/22790

Url: https://www.mend.io/vulnerability-database/CVE-2006-5454

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-5454

Date: October 23, 2006

Severity Score

Related Resources (16)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?