VYPR
Unrated severityNVD Advisory· Published Jun 28, 2010· Updated Jun 16, 2026

CVE-2010-0180

CVE-2010-0180

Description

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*
  • Range: 3.5.1 - 3.6, 3.7

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.