VYPR
Unrated severityNVD Advisory· Published Feb 3, 2010· Updated Jun 16, 2026

CVE-2009-3387

CVE-2009-3387

Description

Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*
    • (no CPE)range: 3.3.1-3.4.4, 3.5.1, 3.5.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.