{"id":"DEBIAN-CVE-2011-3264","details":"Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message.","modified":"2026-01-29T04:17:51.665371Z","published":"2011-08-19T21:55:02.790Z","upstream":["CVE-2011-3264"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2011-3264"}],"affected":[{"package":{"name":"zabbix","ecosystem":"Debian:11","purl":"pkg:deb/debian/zabbix?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.6-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3264.json"}},{"package":{"name":"zabbix","ecosystem":"Debian:12","purl":"pkg:deb/debian/zabbix?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.6-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3264.json"}},{"package":{"name":"zabbix","ecosystem":"Debian:13","purl":"pkg:deb/debian/zabbix?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.6-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3264.json"}},{"package":{"name":"zabbix","ecosystem":"Debian:14","purl":"pkg:deb/debian/zabbix?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.8.6-1"}]}],"ecosystem_specific":{"urgency":"unimportant"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2011-3264.json"}}],"schema_version":"1.7.3"}