CVE-2010-1204 Information

Description

Search.pm in Bugzilla 2.17.1 through 3.2.6 3.3.1 through 3.4.6 3.5.1 through 3.6 and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL related to a \boolean chart search.\

Reference

http://secunia.com/advisories/40300 http://www.bugzilla.org/security/3.2.6/ http://www.securityfocus.com/bid/41141 http://www.vupen.com/english/advisories/2010/1595 https://bugzilla.mozilla.org/show_bug.cgi?id=309952