Candidate: CVE-2012-4199
PublicDate: 2012-11-16 12:24:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4199
 https://bugzilla.mozilla.org/show_bug.cgi?id=731178
 http://www.bugzilla.org/security/3.6.11/
Description:
 template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12,
 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and
 4.4.x before 4.4rc1 generates JavaScript function calls containing private
 product names or private component names in certain circumstances involving
 custom-field visibility control, which allows remote attackers to obtain
 sensitive information by reading HTML source code.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669643
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_bugzilla:
upstream_bugzilla: needs-triage
hardy_bugzilla: ignored (reached end-of-life)
lucid_bugzilla: ignored (reached end-of-life)
oneiric_bugzilla: ignored (reached end-of-life)
precise_bugzilla: DNE
quantal_bugzilla: DNE
raring_bugzilla: DNE
saucy_bugzilla: DNE
devel_bugzilla: DNE