This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:bugzilla:2.16:rc1 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2002-08-12 |
| Product | Bugzilla | Last view | 2014-10-12 |
| Version | 2.16 | Type | Application |
| Edition | |||
| Language | |||
| Update | rc1 | ||
| CPE Product | cpe:/a:mozilla:bugzilla | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2014-10-12 | CVE-2014-1573 | Network | Medium | None Requ... | |
| 5 | 2014-10-12 | CVE-2014-1572 | Network | Low | None Requ... | |
| 4 | 2014-10-12 | CVE-2014-1571 | Network | Low | Requires ... | |
| 4 | 2014-04-19 | CVE-2014-1517 | Network | Low | Requires ... | |
| 4.3 | 2013-10-24 | CVE-2013-1742 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 6.8 | 2013-10-24 | CVE-2013-1734 | Network | Medium | None Requ... | |
| 5 | 2013-02-24 | CVE-2013-0786 | Network | Low | None Requ... | |
| 5 | 2012-11-16 | CVE-2012-4197 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-4747 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-3981 | Network | Low | None Requ... | |
| 4.3 | 2012-07-30 | CVE-2012-1969 | Network | Medium | None Requ... | |
| 4 | 2012-04-27 | CVE-2012-0466 | Network | High | None Requ... | |
| 4 | 2012-02-02 | CVE-2012-0448 | Network | Low | Requires ... | |
| 6.8 | 2012-01-02 | CVE-2011-3669 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3668 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3667 | Network | Medium | None Requ... | |
| 4.3 | 2012-01-02 | CVE-2011-3657 | Network | Medium | None Requ... | |
| 5 | 2011-08-09 | CVE-2011-2978 | Network | Low | None Requ... | |
| 4.3 | 2011-08-09 | CVE-2011-2976 | Network | Medium | None Requ... | |
| 4.3 | 2011-08-09 | CVE-2011-2379 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2011-0048 | Network | Medium | None Requ... | |
| 6.8 | 2011-01-28 | CVE-2011-0046 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4572 | Network | Medium | None Requ... | |
| 7.5 | 2011-01-28 | CVE-2010-4568 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 27% (9) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 21% (7) | CWE-264 | Permissions, Privileges, and Access Controls |
| 18% (6) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 12% (4) | CWE-200 | Information Exposure |
| 6% (2) | CWE-287 | Improper Authentication |
| % | id | Name |
|---|---|---|
| 6% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 6% (2) | CWE-20 | Improper Input Validation |
| 3% (1) | CWE-255 | Credentials Management |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-63 | Simple Script Injection |
| CAPEC-73 | User-Controlled Filename |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 78062 | Bugzilla User.offer_account_by_email Method user_can_create_account Value Par... |
| 78061 | Bugzilla report.cgi Real Name Field XSS |
| 78060 | Bugzilla chart.cgi label0 Parameter XSS |
| 78059 | Bugzilla attachment.cgi Attachment Addition CSRF |
| 78058 | Bugzilla post_bug.cgi Bug Report Creation CSRF |
| id | Description |
|---|---|
| 74303 | Bugzilla BUGLIST Cookie XSS |
| 74301 | Bugzilla Account Email Change Notification Weakness |
| 74297 | Bugzilla Patch Attachment Raw Unified Viewing Mode XSS |
| 70710 | Bugzilla quips.cgi Quip Moderation CSRF |
| 70709 | Bugzilla colchange.cgi Column Manipulation CSRF |
| 70708 | Bugzilla chart.cgi Chart Manipulation CSRF |
| 70707 | Bugzilla sanitycheck.cgi Authentication Hijack CSRF |
| 70706 | Bugzilla votes.cgi Authentication Hijack CSRF |
| 70705 | Bugzilla buglist.cgi Saved Search Addition CSRF |
| 70704 | Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS |
| 70703 | Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection |
| 70700 | Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun... |
| 70699 | Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS |
| 69222 | Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure |
| 69221 | Bugzilla Server Push Crafted URL Response Splitting CRLF Injection |
| 62149 | Bugzilla Multiple Directory Access Restriction Weakness Remote Information Di... |
| 54054 | Bugzilla userprefs.cgi Keywords / User Preference Deletion CSRF |
| 54053 | Bugzilla editkeywords.cgi Keywords / User Preference Deletion CSRF |
| 54052 | Bugzilla process_bug.cgi Bug Update Activity CSRF |
| 54051 | Bugzilla Uploaded Attachment Handling XSS |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-11-26 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla20.nasl |
| 2012-11-26 | Name : Fedora Update for bugzilla FEDORA-2012-18210 File : nvt/gb_fedora_2012_18210_bugzilla_fc17.nasl |
| 2012-11-26 | Name : Fedora Update for bugzilla FEDORA-2012-18224 File : nvt/gb_fedora_2012_18224_bugzilla_fc16.nasl |
| 2012-09-11 | Name : Bugzilla LDAP Code Injection And Security Bypass Vulnerabilities File : nvt/gb_bugzilla_code_injection_n_sec_bypass_vulns.nasl |
| 2012-09-11 | Name : Fedora Update for bugzilla FEDORA-2012-13163 File : nvt/gb_fedora_2012_13163_bugzilla_fc17.nasl |
| id | Description |
|---|---|
| 2012-09-11 | Name : Fedora Update for bugzilla FEDORA-2012-13171 File : nvt/gb_fedora_2012_13171_bugzilla_fc16.nasl |
| 2012-09-07 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla19.nasl |
| 2012-08-30 | Name : Fedora Update for bugzilla FEDORA-2012-11364 File : nvt/gb_fedora_2012_11364_bugzilla_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for bugzilla FEDORA-2012-6282 File : nvt/gb_fedora_2012_6282_bugzilla_fc17.nasl |
| 2012-08-14 | Name : Fedora Update for bugzilla FEDORA-2012-11324 File : nvt/gb_fedora_2012_11324_bugzilla_fc16.nasl |
| 2012-08-10 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla18.nasl |
| 2012-05-04 | Name : Fedora Update for bugzilla FEDORA-2012-6368 File : nvt/gb_fedora_2012_6368_bugzilla_fc16.nasl |
| 2012-05-04 | Name : Fedora Update for bugzilla FEDORA-2012-6396 File : nvt/gb_fedora_2012_6396_bugzilla_fc15.nasl |
| 2012-04-30 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla16.nasl |
| 2012-04-02 | Name : Fedora Update for bugzilla FEDORA-2011-10399 File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl |
| 2012-04-02 | Name : Fedora Update for bugzilla FEDORA-2012-0301 File : nvt/gb_fedora_2012_0301_bugzilla_fc16.nasl |
| 2012-03-19 | Name : Fedora Update for bugzilla FEDORA-2012-1218 File : nvt/gb_fedora_2012_1218_bugzilla_fc16.nasl |
| 2012-02-13 | Name : Fedora Update for bugzilla FEDORA-2012-1189 File : nvt/gb_fedora_2012_1189_bugzilla_fc15.nasl |
| 2012-02-12 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla15.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla) File : nvt/glsa_201110_03.nasl |
| 2012-01-20 | Name : Fedora Update for bugzilla FEDORA-2012-0328 File : nvt/gb_fedora_2012_0328_bugzilla_fc15.nasl |
| 2011-10-16 | Name : Debian Security Advisory DSA 2322-1 (bugzilla) File : nvt/deb_2322_1.nasl |
| 2011-09-21 | Name : FreeBSD Ports: bugzilla File : nvt/freebsd_bugzilla13.nasl |
| 2011-08-24 | Name : Fedora Update for bugzilla FEDORA-2011-10413 File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl |
| 2011-08-24 | Name : Fedora Update for bugzilla FEDORA-2011-10426 File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12591.nasl - Type : ACT_GATHER_INFO |
| 2014-10-23 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12530.nasl - Type : ACT_GATHER_INFO |
| 2014-10-23 | Name : The remote Fedora host is missing a security update. File : fedora_2014-12584.nasl - Type : ACT_GATHER_INFO |
| 2014-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-200.nasl - Type : ACT_GATHER_INFO |
| 2014-10-07 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b65873414d8811e4aef920cf30e32f6d.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2014-10-06 | Name : The remote web server contains a web application affected by multiple vulnera... File : bugzilla_4_4_6.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-CGI-Simple-110107.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_perl-110112.nasl - Type : ACT_GATHER_INFO |
| 2014-05-20 | Name : The remote web server contains a web application that suffers from a cross-si... File : bugzilla_login_xsrf.nasl - Type : ACT_GATHER_INFO |
| 2014-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5414.nasl - Type : ACT_GATHER_INFO |
| 2014-04-30 | Name : The remote Fedora host is missing a security update. File : fedora_2014-5433.nasl - Type : ACT_GATHER_INFO |
| 2014-04-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_608ed765c70011e3848c20cf30e32f6d.nasl - Type : ACT_GATHER_INFO |
| 2013-11-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-285.nasl - Type : ACT_GATHER_INFO |
| 2013-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19402.nasl - Type : ACT_GATHER_INFO |
| 2013-10-31 | Name : The remote web server contains a web application that suffers from multiple v... File : bugzilla_4_4_1.nasl - Type : ACT_GATHER_INFO |
| 2013-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19458.nasl - Type : ACT_GATHER_INFO |
| 2013-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19480.nasl - Type : ACT_GATHER_INFO |
| 2013-10-18 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e135f0c9375f11e380b720cf30e32f6d.nasl - Type : ACT_GATHER_INFO |
| 2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-066.nasl - Type : ACT_GATHER_INFO |
| 2013-02-25 | Name : The remote web server contains a CGI application that suffers from multiple v... File : bugzilla_3_6_13.nasl - Type : ACT_GATHER_INFO |
| 2013-02-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_1c8a039b7b2311e2b17b20cf30e32f6d.nasl - Type : ACT_GATHER_INFO |
| 2012-11-20 | Name : The remote web server contains a CGI application that suffers from multiple v... File : bugzilla_3_6_12.nasl - Type : ACT_GATHER_INFO |
| 2012-11-19 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2b841f882e8d11e2ad2120cf30e32f6d.nasl - Type : ACT_GATHER_INFO |
| 2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13162.nasl - Type : ACT_GATHER_INFO |
| 2012-09-13 | Name : The remote web server contains a CGI application that suffers from multiple v... File : bugzilla_3_6_11.nasl - Type : ACT_GATHER_INFO |
