Published: 02/04/2003 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla bonsai 1.3

Rémi Perrot fixed several security related bugs in the bonsai, the Mozilla CVS query tool by web interface Vulnerabilities include arbitrary code execution, cross-site scripting and access to configuration parameters The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2003-0152 - Remote execution of arbitrar ...

source: wwwsecurityfocuscom/bid/5517/info A path disclosure vulnerability has been reported in Mozilla Bonsai An attacker can exploit this vulnerability by making a malformed request to Bonsai This causes Bonsai to return an error page to the requesting user This error page will contain the absolute path information about the requeste ...

NVD-CWE-Other http://www.debian.org/security/2003/dsa-265 http://bugzilla.mozilla.org/show_bug.cgi?id=187230 http://www.securityfocus.com/bid/5517 http://marc.info/?l=bugtraq&m=102980129101054&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/9921 https://nvd.nist.gov https://www.debian.org/security/./dsa-265 https://www.exploit-db.com/exploits/21730/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0153

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect