1
Candidate: CVE-2011-2380
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2380
6
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12,
7
3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before
8
4.1.3 allows remote attackers to determine the existence of private group
9
names via a crafted parameter during (1) bug creation or (2) bug editing.
13
https://bugzilla.mozilla.org/show_bug.cgi?id=653477
19
vendor: http://www.debian.org/security/2011/dsa-2322
20
upstream_bugzilla: released (3.4.12,3.6.6,4.0.2,4.1.3)
21
hardy_bugzilla: ignored (reached end-of-life)
22
lucid_bugzilla: ignored (reached end-of-life)
23
maverick_bugzilla: ignored (reached end-of-life)
24
natty_bugzilla: not-affected
25
oneiric_bugzilla: ignored (reached end-of-life)
26
precise_bugzilla: DNE (dropped by debian)
27
quantal_bugzilla: DNE (dropped by debian)
28
raring_bugzilla: DNE (dropped by debian)
29
saucy_bugzilla: DNE (dropped by debian)
30
devel_bugzilla: DNE (dropped by debian)