This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:bugzilla:2.18
Detail
VendorMozillaFirst view 2005-05-14
ProductBugzillaLast view 2014-04-19
Version2.18TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:bugzilla

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4 2014-04-19 CVE-2014-1517 Network Low Requires ...
4.3 2013-10-24 CVE-2013-1742 Network Medium None Requ...
6.8 2013-10-24 CVE-2013-1734 Network Medium None Requ...
5 2013-02-24 CVE-2013-0786 Network Low None Requ...
5 2012-11-16 CVE-2012-4197 Network Low None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5 2012-09-04 CVE-2012-4747 Network Low None Requ...
5 2012-09-04 CVE-2012-3981 Network Low None Requ...
4.3 2012-07-30 CVE-2012-1969 Network Medium None Requ...
4 2012-04-27 CVE-2012-0466 Network High None Requ...
4 2012-02-02 CVE-2012-0448 Network Low Requires ...
6.8 2012-01-02 CVE-2011-3669 Network Medium None Requ...
6.8 2012-01-02 CVE-2011-3668 Network Medium None Requ...
6.8 2012-01-02 CVE-2011-3667 Network Medium None Requ...
4.3 2012-01-02 CVE-2011-3657 Network Medium None Requ...
5 2011-08-09 CVE-2011-2978 Network Low None Requ...
4.3 2011-08-09 CVE-2011-2976 Network Medium None Requ...
4.3 2011-08-09 CVE-2011-2381 Network Medium None Requ...
4.3 2011-08-09 CVE-2011-2379 Network Medium None Requ...
4.3 2011-01-28 CVE-2011-0048 Network Medium None Requ...
6.8 2011-01-28 CVE-2011-0046 Network Medium None Requ...
4.3 2011-01-28 CVE-2010-4572 Network Medium None Requ...
7.5 2011-01-28 CVE-2010-4568 Network Low None Requ...
4.3 2011-01-28 CVE-2010-4567 Network Medium None Requ...
5 2010-11-05 CVE-2010-3764 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
23% (8)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
20% (7)CWE-352Cross-Site Request Forgery (CSRF)
17% (6)CWE-264Permissions, Privileges, and Access Controls
11% (4)CWE-200Information Exposure
8% (3)CWE-94Failure to Control Generation of Code ('Code Injection')
Hide | Show 3 More...
%idName
8% (3)CWE-20Improper Input Validation
5% (2)CWE-287Improper Authentication
2% (1)CWE-255Credentials Management

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-26Leveraging Race Conditions
CAPEC-27Leveraging Race Conditions via Symbolic Links
CAPEC-58Restful Privilege Elevation

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
78062Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061Bugzilla report.cgi Real Name Field XSS
78060Bugzilla chart.cgi label0 Parameter XSS
78059Bugzilla attachment.cgi Attachment Addition CSRF
78058Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide | Show 20 More...
idDescription
74303Bugzilla BUGLIST Cookie XSS
74301Bugzilla Account Email Change Notification Weakness
74300Bugzilla Flagmail Attachment Description Header CRLF Injection
74297Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
70710Bugzilla quips.cgi Quip Moderation CSRF
70709Bugzilla colchange.cgi Column Manipulation CSRF
70708Bugzilla chart.cgi Chart Manipulation CSRF
70707Bugzilla sanitycheck.cgi Authentication Hijack CSRF
70706Bugzilla votes.cgi Authentication Hijack CSRF
70705Bugzilla buglist.cgi Saved Search Addition CSRF
70704Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS
70703Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection
70700Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun...
70699Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS
69222Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure
69221Bugzilla Server Push Crafted URL Response Splitting CRLF Injection
67198Bugzilla Multiple Page Error Message Remote Product Name Enumeration
62149Bugzilla Multiple Directory Access Restriction Weakness Remote Information Di...
54056Bugzilla editflagtypes.cgi Unused Flag Type Deletion CSRF
54054Bugzilla userprefs.cgi Keywords / User Preference Deletion CSRF

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-11-26Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla20.nasl
2012-11-26Name : Fedora Update for bugzilla FEDORA-2012-18210
File : nvt/gb_fedora_2012_18210_bugzilla_fc17.nasl
2012-11-26Name : Fedora Update for bugzilla FEDORA-2012-18224
File : nvt/gb_fedora_2012_18224_bugzilla_fc16.nasl
2012-09-11Name : Bugzilla LDAP Code Injection And Security Bypass Vulnerabilities
File : nvt/gb_bugzilla_code_injection_n_sec_bypass_vulns.nasl
2012-09-11Name : Fedora Update for bugzilla FEDORA-2012-13163
File : nvt/gb_fedora_2012_13163_bugzilla_fc17.nasl
Hide | Show 20 More...
idDescription
2012-09-11Name : Fedora Update for bugzilla FEDORA-2012-13171
File : nvt/gb_fedora_2012_13171_bugzilla_fc16.nasl
2012-09-07Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla19.nasl
2012-08-30Name : Fedora Update for bugzilla FEDORA-2012-11364
File : nvt/gb_fedora_2012_11364_bugzilla_fc17.nasl
2012-08-30Name : Fedora Update for bugzilla FEDORA-2012-6282
File : nvt/gb_fedora_2012_6282_bugzilla_fc17.nasl
2012-08-14Name : Fedora Update for bugzilla FEDORA-2012-11324
File : nvt/gb_fedora_2012_11324_bugzilla_fc16.nasl
2012-08-10Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla18.nasl
2012-05-04Name : Fedora Update for bugzilla FEDORA-2012-6368
File : nvt/gb_fedora_2012_6368_bugzilla_fc16.nasl
2012-05-04Name : Fedora Update for bugzilla FEDORA-2012-6396
File : nvt/gb_fedora_2012_6396_bugzilla_fc15.nasl
2012-04-30Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla16.nasl
2012-04-02Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-04-02Name : Fedora Update for bugzilla FEDORA-2012-0301
File : nvt/gb_fedora_2012_0301_bugzilla_fc16.nasl
2012-03-19Name : Fedora Update for bugzilla FEDORA-2012-1218
File : nvt/gb_fedora_2012_1218_bugzilla_fc16.nasl
2012-02-13Name : Fedora Update for bugzilla FEDORA-2012-1189
File : nvt/gb_fedora_2012_1189_bugzilla_fc15.nasl
2012-02-12Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla15.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2012-01-20Name : Fedora Update for bugzilla FEDORA-2012-0328
File : nvt/gb_fedora_2012_0328_bugzilla_fc15.nasl
2011-10-16Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-09-21Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl
2011-08-24Name : Fedora Update for bugzilla FEDORA-2011-10413
File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl
2011-08-24Name : Fedora Update for bugzilla FEDORA-2011-10426
File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_perl-CGI-Simple-110107.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_perl-110112.nasl - Type : ACT_GATHER_INFO
2014-05-20Name : The remote web server contains a web application that suffers from a cross-si...
File : bugzilla_login_xsrf.nasl - Type : ACT_GATHER_INFO
2014-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2014-5414.nasl - Type : ACT_GATHER_INFO
2014-04-30Name : The remote Fedora host is missing a security update.
File : fedora_2014-5433.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-04-21Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_608ed765c70011e3848c20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2013-11-27Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-285.nasl - Type : ACT_GATHER_INFO
2013-11-11Name : The remote Fedora host is missing a security update.
File : fedora_2013-19402.nasl - Type : ACT_GATHER_INFO
2013-10-31Name : The remote web server contains a web application that suffers from multiple v...
File : bugzilla_4_4_1.nasl - Type : ACT_GATHER_INFO
2013-10-29Name : The remote Fedora host is missing a security update.
File : fedora_2013-19458.nasl - Type : ACT_GATHER_INFO
2013-10-29Name : The remote Fedora host is missing a security update.
File : fedora_2013-19480.nasl - Type : ACT_GATHER_INFO
2013-10-18Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e135f0c9375f11e380b720cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-066.nasl - Type : ACT_GATHER_INFO
2013-02-25Name : The remote web server contains a CGI application that suffers from multiple v...
File : bugzilla_3_6_13.nasl - Type : ACT_GATHER_INFO
2013-02-21Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_1c8a039b7b2311e2b17b20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2012-11-20Name : The remote web server contains a CGI application that suffers from multiple v...
File : bugzilla_3_6_12.nasl - Type : ACT_GATHER_INFO
2012-11-19Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2b841f882e8d11e2ad2120cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13162.nasl - Type : ACT_GATHER_INFO
2012-09-13Name : The remote web server contains a CGI application that suffers from multiple v...
File : bugzilla_3_6_11.nasl - Type : ACT_GATHER_INFO
2012-09-11Name : The remote Fedora host is missing a security update.
File : fedora_2012-13163.nasl - Type : ACT_GATHER_INFO
2012-09-11Name : The remote Fedora host is missing a security update.
File : fedora_2012-13171.nasl - Type : ACT_GATHER_INFO
2012-09-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6ad18fe5f46911e1920d20cf30e32f6d.nasl - Type : ACT_GATHER_INFO
2012-08-23Name : The remote web server contains a CGI application that suffers from multiple i...
File : bugzilla_3_6_10.nasl - Type : ACT_GATHER_INFO
2012-08-13Name : The remote Fedora host is missing a security update.
File : fedora_2012-11324.nasl - Type : ACT_GATHER_INFO
2012-08-13Name : The remote Fedora host is missing a security update.
File : fedora_2012-11364.nasl - Type : ACT_GATHER_INFO