This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:bugzilla:2.16_rc2 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2008-05-07 |
| Product | Bugzilla | Last view | 2012-01-02 |
| Version | 2.16_rc2 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mozilla:bugzilla | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 6.8 | 2012-01-02 | CVE-2011-3669 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3668 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2011-0048 | Network | Medium | None Requ... | |
| 6.8 | 2011-01-28 | CVE-2011-0046 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4572 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4.3 | 2011-01-28 | CVE-2010-4567 | Network | Medium | None Requ... | |
| 5 | 2010-11-05 | CVE-2010-3764 | Network | Low | None Requ... | |
| 2.6 | 2010-11-05 | CVE-2010-3172 | Network | High | None Requ... | |
| 5.8 | 2009-02-09 | CVE-2009-0483 | Network | Medium | None Requ... | |
| 5.8 | 2009-02-09 | CVE-2009-0482 | Network | Medium | None Requ... | |
| 3.5 | 2009-02-09 | CVE-2009-0481 | Network | Medium | Requires ... | |
| 3.5 | 2008-05-07 | CVE-2008-2105 | Network | Medium | Requires ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 41% (5) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 25% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 16% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 8% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (1) | CWE-200 | Information Exposure |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78059 | Bugzilla attachment.cgi Attachment Addition CSRF |
| 78058 | Bugzilla post_bug.cgi Bug Report Creation CSRF |
| 70710 | Bugzilla quips.cgi Quip Moderation CSRF |
| 70709 | Bugzilla colchange.cgi Column Manipulation CSRF |
| 70708 | Bugzilla chart.cgi Chart Manipulation CSRF |
| id | Description |
|---|---|
| 70707 | Bugzilla sanitycheck.cgi Authentication Hijack CSRF |
| 70706 | Bugzilla votes.cgi Authentication Hijack CSRF |
| 70705 | Bugzilla buglist.cgi Saved Search Addition CSRF |
| 70704 | Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS |
| 70703 | Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection |
| 70699 | Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS |
| 69222 | Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure |
| 69221 | Bugzilla Server Push Crafted URL Response Splitting CRLF Injection |
| 54054 | Bugzilla userprefs.cgi Keywords / User Preference Deletion CSRF |
| 54053 | Bugzilla editkeywords.cgi Keywords / User Preference Deletion CSRF |
| 54052 | Bugzilla process_bug.cgi Bug Update Activity CSRF |
| 54051 | Bugzilla Uploaded Attachment Handling XSS |
| 44939 | Bugzilla email_in.pl @reporter Command E-mail Address Spoofing Weakness |
