CVE-2011-2979 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-2979 Interim 1 3 2021-06-09T09:03:17Z current 2021-05-30T12:58:54Z 2021-06-09T09:03:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-2979 Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. NOTE: this vulnerability exists because of a CVE-2010-2756 regression. CVE-2011-2979 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N