Candidate: CVE-2014-1571
PublicDate: 2014-10-13 01:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1571
 https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
Description:
 Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11,
 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote
 authenticated users to obtain sensitive private-comment information by
 leveraging a role as a flag recipient, related to Bug.pm, Flag.pm, and a
 mail template.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669643
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_bugzilla:
upstream_bugzilla: needs-triage
lucid_bugzilla: ignored (reached end-of-life)
precise_bugzilla: DNE
trusty_bugzilla: DNE
trusty/esm_bugzilla: DNE
devel_bugzilla: DNE