This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:mozilla:bugzilla:2.2 |
| Detail | |||
|---|---|---|---|
| Vendor | Mozilla | First view | 2010-02-03 |
| Product | Bugzilla | Last view | 2013-02-24 |
| Version | 2.2 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:mozilla:bugzilla | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2013-02-24 | CVE-2013-0786 | Network | Low | None Requ... | |
| 5 | 2012-11-16 | CVE-2012-4197 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-4747 | Network | Low | None Requ... | |
| 5 | 2012-09-04 | CVE-2012-3981 | Network | Low | None Requ... | |
| 4.3 | 2012-07-30 | CVE-2012-1969 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4 | 2012-04-27 | CVE-2012-0466 | Network | High | None Requ... | |
| 4 | 2012-02-02 | CVE-2012-0448 | Network | Low | Requires ... | |
| 6.8 | 2012-01-02 | CVE-2011-3669 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3668 | Network | Medium | None Requ... | |
| 6.8 | 2012-01-02 | CVE-2011-3667 | Network | Medium | None Requ... | |
| 4.3 | 2012-01-02 | CVE-2011-3657 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2011-0048 | Network | Medium | None Requ... | |
| 6.8 | 2011-01-28 | CVE-2011-0046 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4572 | Network | Medium | None Requ... | |
| 4.3 | 2011-01-28 | CVE-2010-4567 | Network | Medium | None Requ... | |
| 5 | 2010-11-05 | CVE-2010-3764 | Network | Low | None Requ... | |
| 2.6 | 2010-11-05 | CVE-2010-3172 | Network | High | None Requ... | |
| 5 | 2010-08-16 | CVE-2010-2758 | Network | Low | None Requ... | |
| 5 | 2010-08-16 | CVE-2010-2756 | Network | Low | None Requ... | |
| 4.3 | 2010-02-03 | CVE-2009-3989 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (4) | CWE-200 | Information Exposure |
| 15% (3) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 15% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 10% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| % | id | Name |
|---|---|---|
| 5% (1) | CWE-287 | Improper Authentication |
| 5% (1) | CWE-255 | Credentials Management |
| 5% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78062 | Bugzilla User.offer_account_by_email Method user_can_create_account Value Par... |
| 78061 | Bugzilla report.cgi Real Name Field XSS |
| 78060 | Bugzilla chart.cgi label0 Parameter XSS |
| 78059 | Bugzilla attachment.cgi Attachment Addition CSRF |
| 78058 | Bugzilla post_bug.cgi Bug Report Creation CSRF |
| id | Description |
|---|---|
| 70710 | Bugzilla quips.cgi Quip Moderation CSRF |
| 70709 | Bugzilla colchange.cgi Column Manipulation CSRF |
| 70708 | Bugzilla chart.cgi Chart Manipulation CSRF |
| 70707 | Bugzilla sanitycheck.cgi Authentication Hijack CSRF |
| 70706 | Bugzilla votes.cgi Authentication Hijack CSRF |
| 70705 | Bugzilla buglist.cgi Saved Search Addition CSRF |
| 70704 | Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS |
| 70703 | Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection |
| 70699 | Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS |
| 69222 | Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure |
| 69221 | Bugzilla Server Push Crafted URL Response Splitting CRLF Injection |
| 67198 | Bugzilla Multiple Page Error Message Remote Product Name Enumeration |
| 67196 | Bugzilla Search.pm Multiple Vector Arbitrary Group Membership Enumeration |
| 62149 | Bugzilla Multiple Directory Access Restriction Weakness Remote Information Di... |
