This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:bugzilla:2.16:rc1 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2002-08-12 |
| Product | Bugzilla | Last view | 2013-02-24 |
| Version | 2.16 | Type | Application |
| Edition | |||
| Language | |||
| Update | rc1 | ||
| CPE Product | cpe:/a:mozilla:bugzilla | ||
Activity : Yearly
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2013-02-24 | CVE-2013-0786 | Network | Low | None Requ... | |
| 5 | 2012-11-16 | CVE-2012-4197 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-4747 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-3981 | Network | Low | None Requ... | |
| 4.3 | 2012-07-30 | CVE-2012-1969 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4 | 2012-04-27 | CVE-2012-0466 | Network | High | None Requ... | |
| 4 | 2012-02-02 | CVE-2012-0448 | Network | Low | Requires ... | |
| 6.8 | 2012-01-02 | CVE-2011-3669 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3668 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3667 | Network | Medium | None Requ... | |
| 4.3 | 2012-01-02 | CVE-2011-3657 | Network | Medium | None Requ... | |
| 5 | 2011-08-09 | CVE-2011-2978 | Network | Low | None Requ... | |
| 4.3 | 2011-08-09 | CVE-2011-2976 | Network | Medium | None Requ... | |
| 4.3 | 2011-08-09 | CVE-2011-2379 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2011-0048 | Network | Medium | None Requ... | |
| 6.8 | 2011-01-28 | CVE-2011-0046 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4572 | Network | Medium | None Requ... | |
| 7.5 | 2011-01-28 | CVE-2010-4568 | Network | Low | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4567 | Network | Medium | None Requ... | |
| 5 | 2010-11-05 | CVE-2010-3764 | Network | Low | None Requ... | |
| 2.6 | 2010-11-05 | CVE-2010-3172 | Network | High | None Requ... | |
| 4.3 | 2010-02-03 | CVE-2009-3989 | Network | Medium | None Requ... | |
| 5.8 | 2009-02-09 | CVE-2009-0483 | Network | Medium | None Requ... | |
| 5.8 | 2009-02-09 | CVE-2009-0482 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (7) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 22% (6) | CWE-264 | Permissions, Privileges, and Access Controls |
| 18% (5) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 11% (3) | CWE-200 | Information Exposure |
| 7% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| % | id | Name |
|---|---|---|
| 7% (2) | CWE-20 | Improper Input Validation |
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-255 | Credentials Management |
CAPEC : Common Attack Pattern Enumeration & Classificatio
| id | Name |
|---|---|
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
| CAPEC-63 | Simple Script Injection |
| CAPEC-73 | User-Controlled Filename |
Open Source Vulnerability Database (OSVDB)
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 78062 | Bugzilla User.offer_account_by_email Method user_can_create_account Value Par... |
| 78061 | Bugzilla report.cgi Real Name Field XSS |
| 78060 | Bugzilla chart.cgi label0 Parameter XSS |
| 78059 | Bugzilla attachment.cgi Attachment Addition CSRF |
| 78058 | Bugzilla post_bug.cgi Bug Report Creation CSRF |
| id | Description |
|---|---|
| 74303 | Bugzilla BUGLIST Cookie XSS |
| 74301 | Bugzilla Account Email Change Notification Weakness |
| 74297 | Bugzilla Patch Attachment Raw Unified Viewing Mode XSS |
| 70710 | Bugzilla quips.cgi Quip Moderation CSRF |
| 70709 | Bugzilla colchange.cgi Column Manipulation CSRF |
| 70708 | Bugzilla chart.cgi Chart Manipulation CSRF |
| 70707 | Bugzilla sanitycheck.cgi Authentication Hijack CSRF |
| 70706 | Bugzilla votes.cgi Authentication Hijack CSRF |
| 70705 | Bugzilla buglist.cgi Saved Search Addition CSRF |
| 70704 | Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS |
| 70703 | Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection |
| 70700 | Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun... |
| 70699 | Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS |
| 69222 | Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure |
| 69221 | Bugzilla Server Push Crafted URL Response Splitting CRLF Injection |
| 62149 | Bugzilla Multiple Directory Access Restriction Weakness Remote Information Di... |
| 54054 | Bugzilla userprefs.cgi Keywords / User Preference Deletion CSRF |
| 54053 | Bugzilla editkeywords.cgi Keywords / User Preference Deletion CSRF |
| 54052 | Bugzilla process_bug.cgi Bug Update Activity CSRF |
| 54051 | Bugzilla Uploaded Attachment Handling XSS |
