Summary
Detail | |||
---|---|---|---|
Vendor | Mozilla | First view | 2000-05-11 |
Product | Bugzilla | Last view | 2019-04-29 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2019-04-29 | CVE-2018-5123 | A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4. |
6.1 | 2017-04-12 | CVE-2016-2803 | Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML. |
3.5 | 2016-01-03 | CVE-2015-8509 | Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code. |
4.7 | 2016-01-03 | CVE-2015-8508 | Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary. |
7.5 | 2015-09-13 | CVE-2015-4499 | Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address. |
6.5 | 2015-02-01 | CVE-2014-8630 | Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name. |
4.3 | 2014-10-12 | CVE-2014-1573 | Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting (XSS) attacks by sending three values for a single parameter name. |
5 | 2014-10-12 | CVE-2014-1572 | The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for the realname parameter, which allows remote attackers to create accounts with unverified e-mail addresses by sending three realname values with realname=login_name as the second, as demonstrated by selecting an e-mail address with a domain name for which group privileges are automatically granted. |
4 | 2014-10-12 | CVE-2014-1571 | Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role as a flag recipient, related to Bug.pm, Flag.pm, and a mail template. |
4.3 | 2014-08-14 | CVE-2014-1546 | The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with the _bz_callback character set. |
4 | 2014-04-19 | CVE-2014-1517 | The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a "login CSRF" issue. |
4.3 | 2013-10-24 | CVE-2013-1743 | Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the (1) summary or (2) real name field. NOTE: this issue exists because of an incomplete fix for CVE-2012-4189. |
4.3 | 2013-10-24 | CVE-2013-1742 | Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) sortkey parameter. |
6.8 | 2013-10-24 | CVE-2013-1734 | Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action. |
6.8 | 2013-10-24 | CVE-2013-1733 | Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token. |
5 | 2013-02-24 | CVE-2013-0786 | The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote attackers to discover private product names by using debug mode for a query. |
4.3 | 2013-02-24 | CVE-2013-0785 | Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla before 3.6.13, 3.7.x and 4.0.x before 4.0.10, 4.1.x and 4.2.x before 4.2.5, and 4.3.x and 4.4.x before 4.4rc2 allows remote attackers to inject arbitrary web script or HTML via the id parameter in conjunction with an invalid value of the format parameter. |
5 | 2012-11-16 | CVE-2012-5884 | The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198. |
4.3 | 2012-11-16 | CVE-2012-5883 | Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209. |
4.3 | 2012-11-16 | CVE-2012-4199 | template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code. |
4 | 2012-11-16 | CVE-2012-4198 | The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover private group names by observing whether a call throws an error. |
5 | 2012-11-16 | CVE-2012-4197 | Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action. |
4.3 | 2012-11-16 | CVE-2012-4189 | Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field. |
5 | 2012-09-04 | CVE-2012-4747 | Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to read (1) template (aka .tmpl) files, (2) other custom extension files under extensions/, or (3) custom documentation files under docs/ via a direct request. |
5 | 2012-09-04 | CVE-2012-3981 | Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 does not restrict the characters in a username, which might allow remote attackers to inject data into an LDAP directory via a crafted login attempt. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
24% (20) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
21% (18) | CWE-264 | Permissions, Privileges, and Access Controls |
18% (15) | CWE-352 | Cross-Site Request Forgery (CSRF) |
14% (12) | CWE-200 | Information Exposure |
4% (4) | CWE-20 | Improper Input Validation |
3% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (2) | CWE-287 | Improper Authentication |
2% (2) | CWE-255 | Credentials Management |
2% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
1% (1) | CWE-310 | Cryptographic Issues |
1% (1) | CWE-189 | Numeric Errors |
1% (1) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
1% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-26 | Leveraging Race Conditions |
CAPEC-27 | Leveraging Race Conditions via Symbolic Links |
CAPEC-58 | Restful Privilege Elevation |
CAPEC-63 | Simple Script Injection |
CAPEC-73 | User-Controlled Filename |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:11047 | Buffer overflow in LHA allows remote attackers to execute arbitrary code via ... |
oval:org.mitre.oval:def:7942 | DSA-1913 bugzilla -- SQL injection vulnerability |
oval:org.mitre.oval:def:13667 | DSA-1913-1 bugzilla -- SQL injection vulnerability |
oval:org.mitre.oval:def:14859 | DSA-2322-1 bugzilla -- several |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78062 | Bugzilla User.offer_account_by_email Method user_can_create_account Value Par... |
78061 | Bugzilla report.cgi Real Name Field XSS |
78060 | Bugzilla chart.cgi label0 Parameter XSS |
78059 | Bugzilla attachment.cgi Attachment Addition CSRF |
78058 | Bugzilla post_bug.cgi Bug Report Creation CSRF |
74525 | Bugzilla on Windows Uploaded Attachment Temporary File Local Information Disc... |
74303 | Bugzilla BUGLIST Cookie XSS |
74302 | Bugzilla Temporary Attachment File Local Disclosure |
74301 | Bugzilla Account Email Change Notification Weakness |
74300 | Bugzilla Flagmail Attachment Description Header CRLF Injection |
74299 | Bugzilla Custom Search URL Parsing Group Name Disclosure |
74298 | Bugzilla Bug Creation / Editing URL Parsing Group Name Disclosure |
74297 | Bugzilla Patch Attachment Raw Unified Viewing Mode XSS |
70710 | Bugzilla quips.cgi Quip Moderation CSRF |
70709 | Bugzilla colchange.cgi Column Manipulation CSRF |
70708 | Bugzilla chart.cgi Chart Manipulation CSRF |
70707 | Bugzilla sanitycheck.cgi Authentication Hijack CSRF |
70706 | Bugzilla votes.cgi Authentication Hijack CSRF |
70705 | Bugzilla buglist.cgi Saved Search Addition CSRF |
70704 | Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS |
70703 | Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection |
70702 | Bugzilla YUI DataTable Widget Duplicate Detection Summary Field XSS |
70701 | Bugzilla YUI AutoComplete Widget User Account Real Name Field XSS |
70700 | Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun... |
70699 | Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS |
OpenVAS Exploits
id | Description |
---|---|
2012-11-26 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla20.nasl |
2012-11-26 | Name : Fedora Update for bugzilla FEDORA-2012-18224 File : nvt/gb_fedora_2012_18224_bugzilla_fc16.nasl |
2012-11-26 | Name : Fedora Update for bugzilla FEDORA-2012-18210 File : nvt/gb_fedora_2012_18210_bugzilla_fc17.nasl |
2012-09-11 | Name : Bugzilla LDAP Code Injection And Security Bypass Vulnerabilities File : nvt/gb_bugzilla_code_injection_n_sec_bypass_vulns.nasl |
2012-09-11 | Name : Fedora Update for bugzilla FEDORA-2012-13171 File : nvt/gb_fedora_2012_13171_bugzilla_fc16.nasl |
2012-09-11 | Name : Fedora Update for bugzilla FEDORA-2012-13163 File : nvt/gb_fedora_2012_13163_bugzilla_fc17.nasl |
2012-09-07 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla19.nasl |
2012-08-30 | Name : Fedora Update for bugzilla FEDORA-2012-6282 File : nvt/gb_fedora_2012_6282_bugzilla_fc17.nasl |
2012-08-30 | Name : Fedora Update for bugzilla FEDORA-2012-11364 File : nvt/gb_fedora_2012_11364_bugzilla_fc17.nasl |
2012-08-14 | Name : Fedora Update for bugzilla FEDORA-2012-11324 File : nvt/gb_fedora_2012_11324_bugzilla_fc16.nasl |
2012-08-10 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla18.nasl |
2012-05-04 | Name : Fedora Update for bugzilla FEDORA-2012-6368 File : nvt/gb_fedora_2012_6368_bugzilla_fc16.nasl |
2012-05-04 | Name : Fedora Update for bugzilla FEDORA-2012-6396 File : nvt/gb_fedora_2012_6396_bugzilla_fc15.nasl |
2012-04-30 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla16.nasl |
2012-04-30 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla17.nasl |
2012-04-02 | Name : Fedora Update for bugzilla FEDORA-2012-2398 File : nvt/gb_fedora_2012_2398_bugzilla_fc16.nasl |
2012-04-02 | Name : Fedora Update for bugzilla FEDORA-2012-0301 File : nvt/gb_fedora_2012_0301_bugzilla_fc16.nasl |
2012-04-02 | Name : Fedora Update for bugzilla FEDORA-2011-10399 File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl |
2012-03-19 | Name : Fedora Update for bugzilla FEDORA-2012-1218 File : nvt/gb_fedora_2012_1218_bugzilla_fc16.nasl |
2012-02-13 | Name : Fedora Update for bugzilla FEDORA-2012-1189 File : nvt/gb_fedora_2012_1189_bugzilla_fc15.nasl |
2012-02-12 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla15.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla) File : nvt/glsa_201110_03.nasl |
2012-01-20 | Name : Fedora Update for bugzilla FEDORA-2012-0328 File : nvt/gb_fedora_2012_0328_bugzilla_fc15.nasl |
2011-10-16 | Name : Debian Security Advisory DSA 2322-1 (bugzilla) File : nvt/deb_2322_1.nasl |
2011-09-21 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla13.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | globals.pl access RuleID : 2073-community - Type : SERVER-WEBAPP - Revision : 10 |
2014-01-10 | globals.pl access RuleID : 2073 - Type : SERVER-WEBAPP - Revision : 10 |
2014-01-10 | Bugtraq enter_bug.cgi access RuleID : 2055-community - Type : SERVER-WEBAPP - Revision : 15 |
2014-01-10 | Bugtraq enter_bug.cgi access RuleID : 2055 - Type : SERVER-WEBAPP - Revision : 15 |
2014-01-10 | Bugtraq enter_bug.cgi arbitrary command attempt RuleID : 2054-community - Type : SERVER-WEBAPP - Revision : 16 |
2014-01-10 | Bugtraq enter_bug.cgi arbitrary command attempt RuleID : 2054 - Type : SERVER-WEBAPP - Revision : 16 |
2014-01-10 | Bugtraq process_bug.cgi access RuleID : 2053-community - Type : SERVER-WEBAPP - Revision : 16 |
2014-01-10 | Bugtraq process_bug.cgi access RuleID : 2053 - Type : SERVER-WEBAPP - Revision : 16 |
2014-01-10 | Bugzilla doeditvotes.cgi access RuleID : 1617-community - Type : SERVER-WEBAPP - Revision : 16 |
2014-01-10 | Bugzilla doeditvotes.cgi access RuleID : 1617 - Type : SERVER-WEBAPP - Revision : 16 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-03-07 | Name: The remote Fedora host is missing a security update. File: fedora_2018-b79f325c48.nasl - Type: ACT_GATHER_INFO |
2018-02-20 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_22283b8c13c511e8a86120cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2017-03-06 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_5ed094a0015011e7ae1b002590263bf5.nasl - Type: ACT_GATHER_INFO |
2016-07-21 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201607-11.nasl - Type: ACT_GATHER_INFO |
2016-07-14 | Name: The remote Fedora host is missing a security update. File: fedora_2016-37a8cb68c5.nasl - Type: ACT_GATHER_INFO |
2016-07-14 | Name: The remote Fedora host is missing a security update. File: fedora_2016-5bd283c48b.nasl - Type: ACT_GATHER_INFO |
2016-07-14 | Name: The remote Fedora host is missing a security update. File: fedora_2016-6cdcddef2c.nasl - Type: ACT_GATHER_INFO |
2016-05-18 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_036d6c381c5b11e6b9e020cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2015-12-29 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_54075861a95a11e58b4020cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2015-10-29 | Name: The remote Fedora host is missing a security update. File: fedora_2015-15767.nasl - Type: ACT_GATHER_INFO |
2015-10-29 | Name: The remote Fedora host is missing a security update. File: fedora_2015-15768.nasl - Type: ACT_GATHER_INFO |
2015-10-06 | Name: The remote Fedora host is missing a security update. File: fedora_2015-15769.nasl - Type: ACT_GATHER_INFO |
2015-09-21 | Name: The remote web server contains a web application that is affected by a vulner... File: bugzilla_5_0_1.nasl - Type: ACT_GATHER_INFO |
2015-09-14 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_ea893f065a9211e598c020cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2015-02-20 | Name: The remote web server contains a web application that is affected by multiple... File: bugzilla_5_0_rc1.nasl - Type: ACT_GATHER_INFO |
2015-02-16 | Name: The remote Fedora host is missing a security update. File: fedora_2015-1699.nasl - Type: ACT_GATHER_INFO |
2015-02-16 | Name: The remote Fedora host is missing a security update. File: fedora_2015-1713.nasl - Type: ACT_GATHER_INFO |
2015-02-06 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2015-030.nasl - Type: ACT_GATHER_INFO |
2015-01-27 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_dc2d76dfa59511e4936320cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2014-11-03 | Name: The remote Fedora host is missing a security update. File: fedora_2014-12591.nasl - Type: ACT_GATHER_INFO |
2014-10-23 | Name: The remote Fedora host is missing a security update. File: fedora_2014-12530.nasl - Type: ACT_GATHER_INFO |
2014-10-23 | Name: The remote Fedora host is missing a security update. File: fedora_2014-12584.nasl - Type: ACT_GATHER_INFO |
2014-10-22 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2014-200.nasl - Type: ACT_GATHER_INFO |
2014-10-07 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_b65873414d8811e4aef920cf30e32f6d.nasl - Type: ACT_GATHER_INFO |
2014-10-06 | Name: The remote web server contains a web application affected by multiple vulnera... File: bugzilla_4_4_6.nasl - Type: ACT_GATHER_INFO |