Unrated severityNVD Advisory· Published Jun 28, 2010· Updated Jun 16, 2026
CVE-2010-0180
CVE-2010-0180
Description
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mozilla:bugzilla:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.7:*:*:*:*:*:*:*
- Range: 3.5.1 - 3.6, 3.7
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/40300nvdVendor Advisory
- www.bugzilla.org/security/3.2.6/nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1595nvdVendor Advisory
- www.securityfocus.com/bid/41144nvd
- bugzilla.mozilla.org/show_bug.cginvd
News mentions
0No linked articles in our index yet.