This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:bugzilla
Detail
VendorMozillaFirst view 2000-05-11
ProductBugzillaLast view2016-01-03
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

This CPE Product have more than 100 Versions. If you want to see a complete summary for this CPE, please contact us.
CPE NameAffected CVE
cpe:/a:mozilla:bugzilla:5.0.12
cpe:/a:mozilla:bugzilla:5.02
cpe:/a:mozilla:bugzilla:4.5.61
cpe:/a:mozilla:bugzilla:4.5.54
cpe:/a:mozilla:bugzilla:4.5.45
Hide | Show 95 More...
CPE NameAffected CVE
cpe:/a:mozilla:bugzilla:4.5.35
cpe:/a:mozilla:bugzilla:4.5.26
cpe:/a:mozilla:bugzilla:4.5.16
cpe:/a:mozilla:bugzilla:4.56
cpe:/a:mozilla:bugzilla:4.4.92
cpe:/a:mozilla:bugzilla:4.4.82
cpe:/a:mozilla:bugzilla:4.4.72
cpe:/a:mozilla:bugzilla:4.4.63
cpe:/a:mozilla:bugzilla:4.4.56
cpe:/a:mozilla:bugzilla:4.4.47
cpe:/a:mozilla:bugzilla:4.4.37
cpe:/a:mozilla:bugzilla:4.4.28
cpe:/a:mozilla:bugzilla:4.4.102
cpe:/a:mozilla:bugzilla:4.4.18
cpe:/a:mozilla:bugzilla:4.410
cpe:/a:mozilla:bugzilla:4.4:-2
cpe:/a:mozilla:bugzilla:4.4:rc111
cpe:/a:mozilla:bugzilla:4.4:rc210
cpe:/a:mozilla:bugzilla:4.3.315
cpe:/a:mozilla:bugzilla:4.3.218
cpe:/a:mozilla:bugzilla:4.3.119
cpe:/a:mozilla:bugzilla:4.319
cpe:/a:mozilla:bugzilla:4.2.98
cpe:/a:mozilla:bugzilla:4.2.88
cpe:/a:mozilla:bugzilla:4.2.78
cpe:/a:mozilla:bugzilla:4.2.68
cpe:/a:mozilla:bugzilla:4.2.511
cpe:/a:mozilla:bugzilla:4.2.412
cpe:/a:mozilla:bugzilla:4.2.317
cpe:/a:mozilla:bugzilla:4.2.219
cpe:/a:mozilla:bugzilla:4.2.152
cpe:/a:mozilla:bugzilla:4.2.142
cpe:/a:mozilla:bugzilla:4.2.132
cpe:/a:mozilla:bugzilla:4.2.122
cpe:/a:mozilla:bugzilla:4.2.113
cpe:/a:mozilla:bugzilla:4.2.106
cpe:/a:mozilla:bugzilla:4.2.121
cpe:/a:mozilla:bugzilla:4.223
cpe:/a:mozilla:bugzilla:4.2:rc124
cpe:/a:mozilla:bugzilla:4.2:rc222
cpe:/a:mozilla:bugzilla:4.1.328
cpe:/a:mozilla:bugzilla:4.1.234
cpe:/a:mozilla:bugzilla:4.1.134
cpe:/a:mozilla:bugzilla:4.132
cpe:/a:mozilla:bugzilla:4.0.98
cpe:/a:mozilla:bugzilla:4.0.812
cpe:/a:mozilla:bugzilla:4.0.714
cpe:/a:mozilla:bugzilla:4.0.614
cpe:/a:mozilla:bugzilla:4.0.516
cpe:/a:mozilla:bugzilla:4.0.417
cpe:/a:mozilla:bugzilla:4.0.319
cpe:/a:mozilla:bugzilla:4.0.223
cpe:/a:mozilla:bugzilla:4.0.182
cpe:/a:mozilla:bugzilla:4.0.172
cpe:/a:mozilla:bugzilla:4.0.163
cpe:/a:mozilla:bugzilla:4.0.152
cpe:/a:mozilla:bugzilla:4.0.145
cpe:/a:mozilla:bugzilla:4.0.137
cpe:/a:mozilla:bugzilla:4.0.127
cpe:/a:mozilla:bugzilla:4.0.117
cpe:/a:mozilla:bugzilla:4.0.109
cpe:/a:mozilla:bugzilla:4.0.130
cpe:/a:mozilla:bugzilla:4.034
cpe:/a:mozilla:bugzilla:4.0:rc133
cpe:/a:mozilla:bugzilla:4.0:rc226
cpe:/a:mozilla:bugzilla:3.7.332
cpe:/a:mozilla:bugzilla:3.7.235
cpe:/a:mozilla:bugzilla:3.7.136
cpe:/a:mozilla:bugzilla:3.735
cpe:/a:mozilla:bugzilla:3.6.916
cpe:/a:mozilla:bugzilla:3.6.818
cpe:/a:mozilla:bugzilla:3.6.724
cpe:/a:mozilla:bugzilla:3.6.624
cpe:/a:mozilla:bugzilla:3.6.529
cpe:/a:mozilla:bugzilla:3.6.429
cpe:/a:mozilla:bugzilla:3.6.334
cpe:/a:mozilla:bugzilla:3.6.236
cpe:/a:mozilla:bugzilla:3.6.139
cpe:/a:mozilla:bugzilla:3.6.1211
cpe:/a:mozilla:bugzilla:3.6.1113
cpe:/a:mozilla:bugzilla:3.6.1015
cpe:/a:mozilla:bugzilla:3.6.140
cpe:/a:mozilla:bugzilla:3.6.032
cpe:/a:mozilla:bugzilla:3.635
cpe:/a:mozilla:bugzilla:3.6:rc127
cpe:/a:mozilla:bugzilla:3.5.331
cpe:/a:mozilla:bugzilla:3.5.233
cpe:/a:mozilla:bugzilla:3.5.134
cpe:/a:mozilla:bugzilla:3.526
cpe:/a:mozilla:bugzilla:3.4.930
cpe:/a:mozilla:bugzilla:3.4.832
cpe:/a:mozilla:bugzilla:3.4.735
cpe:/a:mozilla:bugzilla:3.4.636
cpe:/a:mozilla:bugzilla:3.4.536
cpe:/a:mozilla:bugzilla:3.4.436

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32016-01-03CVE-2015-8509NetworkMediumNone Requ...
2.62016-01-03CVE-2015-8508NetworkHighNone Requ...
6.52015-02-01CVE-2014-8630NetworkLowRequires ...
4.32014-10-12CVE-2014-1573NetworkMediumNone Requ...
52014-10-12CVE-2014-1572NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42014-10-12CVE-2014-1571NetworkLowRequires ...
4.32014-08-14CVE-2014-1546NetworkMediumNone Requ...
42014-04-19CVE-2014-1517NetworkLowRequires ...
4.32013-10-24CVE-2013-1743NetworkMediumNone Requ...
4.32013-10-24CVE-2013-1742NetworkMediumNone Requ...
6.82013-10-24CVE-2013-1734NetworkMediumNone Requ...
6.82013-10-24CVE-2013-1733NetworkMediumNone Requ...
52013-02-24CVE-2013-0786NetworkLowNone Requ...
4.32013-02-24CVE-2013-0785NetworkMediumNone Requ...
52012-11-16CVE-2012-5884NetworkLowNone Requ...
4.32012-11-16CVE-2012-5883NetworkMediumNone Requ...
4.32012-11-16CVE-2012-4199NetworkMediumNone Requ...
42012-11-16CVE-2012-4198NetworkLowRequires ...
52012-11-16CVE-2012-4197NetworkLowNone Requ...
4.32012-11-16CVE-2012-4189NetworkMediumNone Requ...
52012-09-04CVE-2012-4747NetworkLowNone Requ...
52012-09-04CVE-2012-3981NetworkLowNone Requ...
4.32012-07-30CVE-2012-1969NetworkMediumNone Requ...
4.32012-07-30CVE-2012-1968NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
24% (19)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
22% (18)CWE-264Permissions, Privileges, and Access Controls
17% (14)CWE-352Cross-Site Request Forgery (CSRF)
15% (12)CWE-200Information Exposure
3% (3)CWE-94Failure to Control Generation of Code ('Code Injection')
Hide | Show 8 More...
%idName
3% (3)CWE-20Improper Input Validation
2% (2)CWE-287Improper Authentication
2% (2)CWE-255Credentials Management
2% (2)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
1% (1)CWE-310Cryptographic Issues
1% (1)CWE-189Numeric Errors
1% (1)CWE-77Improper Sanitization of Special Elements used in a Command ('Comma...
1% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-26Leveraging Race Conditions
CAPEC-27Leveraging Race Conditions via Symbolic Links
CAPEC-58Restful Privilege Elevation
CAPEC-63Simple Script Injection
Hide | Show 1 More...
idName
CAPEC-73User-Controlled Filename

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:11047Buffer overflow in LHA allows remote attackers to execute arbitrary code via ...
oval:org.mitre.oval:def:7942DSA-1913 bugzilla -- SQL injection vulnerability
oval:org.mitre.oval:def:13667DSA-1913-1 bugzilla -- SQL injection vulnerability
oval:org.mitre.oval:def:14859DSA-2322-1 bugzilla -- several

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78062Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061Bugzilla report.cgi Real Name Field XSS
78060Bugzilla chart.cgi label0 Parameter XSS
78059Bugzilla attachment.cgi Attachment Addition CSRF
78058Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide | Show 20 More...
idDescription
74525Bugzilla on Windows Uploaded Attachment Temporary File Local Information Disc...
74303Bugzilla BUGLIST Cookie XSS
74302Bugzilla Temporary Attachment File Local Disclosure
74301Bugzilla Account Email Change Notification Weakness
74300Bugzilla Flagmail Attachment Description Header CRLF Injection
74299Bugzilla Custom Search URL Parsing Group Name Disclosure
74298Bugzilla Bug Creation / Editing URL Parsing Group Name Disclosure
74297Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
70710Bugzilla quips.cgi Quip Moderation CSRF
70709Bugzilla colchange.cgi Column Manipulation CSRF
70708Bugzilla chart.cgi Chart Manipulation CSRF
70707Bugzilla sanitycheck.cgi Authentication Hijack CSRF
70706Bugzilla votes.cgi Authentication Hijack CSRF
70705Bugzilla buglist.cgi Saved Search Addition CSRF
70704Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS
70703Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection
70702Bugzilla YUI DataTable Widget Duplicate Detection Summary Field XSS
70701Bugzilla YUI AutoComplete Widget User Account Real Name Field XSS
70700Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun...
70699Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-11-26Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla20.nasl
2012-11-26Name : Fedora Update for bugzilla FEDORA-2012-18210
File : nvt/gb_fedora_2012_18210_bugzilla_fc17.nasl
2012-11-26Name : Fedora Update for bugzilla FEDORA-2012-18224
File : nvt/gb_fedora_2012_18224_bugzilla_fc16.nasl
2012-09-11Name : Bugzilla LDAP Code Injection And Security Bypass Vulnerabilities
File : nvt/gb_bugzilla_code_injection_n_sec_bypass_vulns.nasl
2012-09-11Name : Fedora Update for bugzilla FEDORA-2012-13163
File : nvt/gb_fedora_2012_13163_bugzilla_fc17.nasl
Hide | Show 20 More...
idDescription
2012-09-11Name : Fedora Update for bugzilla FEDORA-2012-13171
File : nvt/gb_fedora_2012_13171_bugzilla_fc16.nasl
2012-09-07Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla19.nasl
2012-08-30Name : Fedora Update for bugzilla FEDORA-2012-11364
File : nvt/gb_fedora_2012_11364_bugzilla_fc17.nasl
2012-08-30Name : Fedora Update for bugzilla FEDORA-2012-6282
File : nvt/gb_fedora_2012_6282_bugzilla_fc17.nasl
2012-08-14Name : Fedora Update for bugzilla FEDORA-2012-11324
File : nvt/gb_fedora_2012_11324_bugzilla_fc16.nasl
2012-08-10Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla18.nasl
2012-05-04Name : Fedora Update for bugzilla FEDORA-2012-6368
File : nvt/gb_fedora_2012_6368_bugzilla_fc16.nasl
2012-05-04Name : Fedora Update for bugzilla FEDORA-2012-6396
File : nvt/gb_fedora_2012_6396_bugzilla_fc15.nasl
2012-04-30Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla16.nasl
2012-04-30Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla17.nasl
2012-04-02Name : Fedora Update for bugzilla FEDORA-2012-2398
File : nvt/gb_fedora_2012_2398_bugzilla_fc16.nasl
2012-04-02Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-04-02Name : Fedora Update for bugzilla FEDORA-2012-0301
File : nvt/gb_fedora_2012_0301_bugzilla_fc16.nasl
2012-03-19Name : Fedora Update for bugzilla FEDORA-2012-1218
File : nvt/gb_fedora_2012_1218_bugzilla_fc16.nasl
2012-02-13Name : Fedora Update for bugzilla FEDORA-2012-1189
File : nvt/gb_fedora_2012_1189_bugzilla_fc15.nasl
2012-02-12Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla15.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2012-01-20Name : Fedora Update for bugzilla FEDORA-2012-0328
File : nvt/gb_fedora_2012_0328_bugzilla_fc15.nasl
2011-10-16Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-09-21Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl

Snort® IPS/IDS

DateDescription
2014-01-10globals.pl access
RuleID : 2073-community - Type : SERVER-WEBAPP - Revision : 10
2014-01-10globals.pl access
RuleID : 2073 - Type : SERVER-WEBAPP - Revision : 10
2014-01-10Bugtraq enter_bug.cgi access
RuleID : 2055-community - Type : SERVER-WEBAPP - Revision : 15
2014-01-10Bugtraq enter_bug.cgi access
RuleID : 2055 - Type : SERVER-WEBAPP - Revision : 15
2014-01-10Bugtraq enter_bug.cgi arbitrary command attempt
RuleID : 2054-community - Type : SERVER-WEBAPP - Revision : 16
Hide | Show 5 More...
DateDescription
2014-01-10Bugtraq enter_bug.cgi arbitrary command attempt
RuleID : 2054 - Type : SERVER-WEBAPP - Revision : 16
2014-01-10Bugtraq process_bug.cgi access
RuleID : 2053-community - Type : SERVER-WEBAPP - Revision : 16
2014-01-10Bugtraq process_bug.cgi access
RuleID : 2053 - Type : SERVER-WEBAPP - Revision : 16
2014-01-10Bugzilla doeditvotes.cgi access
RuleID : 1617-community - Type : SERVER-WEBAPP - Revision : 16
2014-01-10Bugzilla doeditvotes.cgi access
RuleID : 1617 - Type : SERVER-WEBAPP - Revision : 16

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2015-12-29Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_54075861a95a11e58b4020cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2015-02-20Name : The remote web server contains a web application that is affected by multiple...
File : bugzilla_5_0_rc1.nasl - Type : ACT_GATHER_INFO
2015-02-16Name : The remote Fedora host is missing a security update.
File : fedora_2015-1699.nasl - Type : ACT_GATHER_INFO
2015-02-16Name : The remote Fedora host is missing a security update.
File : fedora_2015-1713.nasl - Type : ACT_GATHER_INFO
2015-02-06Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-030.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2015-01-27Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_dc2d76dfa59511e4936320cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2014-11-03Name : The remote Fedora host is missing a security update.
File : fedora_2014-12591.nasl - Type : ACT_GATHER_INFO
2014-10-23Name : The remote Fedora host is missing a security update.
File : fedora_2014-12530.nasl - Type : ACT_GATHER_INFO
2014-10-23Name : The remote Fedora host is missing a security update.
File : fedora_2014-12584.nasl - Type : ACT_GATHER_INFO
2014-10-22Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-200.nasl - Type : ACT_GATHER_INFO
2014-10-07Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_b65873414d8811e4aef920cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2014-10-06Name : The remote web server contains a web application affected by multiple vulnera...
File : bugzilla_4_4_6.nasl - Type : ACT_GATHER_INFO
2014-09-22Name : The remote web server contains a web application affected by a CSRF vulnerabi...
File : bugzilla_4_5_5.nasl - Type : ACT_GATHER_INFO
2014-09-12Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-169.nasl - Type : ACT_GATHER_INFO
2014-08-08Name : The remote Fedora host is missing a security update.
File : fedora_2014-8919.nasl - Type : ACT_GATHER_INFO
2014-08-04Name : The remote Fedora host is missing a security update.
File : fedora_2014-8920.nasl - Type : ACT_GATHER_INFO
2014-07-26Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_9defb2d6140411e48cae20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_perl-CGI-Simple-110107.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_perl-110112.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote web server contains a web application that suffers from a cross-si...
File : bugzilla_login_xsrf.nasl - Type : ACT_GATHER_INFO
2014-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2014-5414.nasl - Type : ACT_GATHER_INFO
2014-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2014-5433.nasl - Type : ACT_GATHER_INFO
2014-04-21Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_608ed765c70011e3848c20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2013-11-27Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-285.nasl - Type : ACT_GATHER_INFO
2013-11-11Name : The remote Fedora host is missing a security update.
File : fedora_2013-19402.nasl - Type : ACT_GATHER_INFO