This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:bugzilla:2.20.7
Detail
VendorMozillaFirst view 2009-02-09
ProductBugzillaLast view 2013-02-24
Version2.20.7TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:bugzilla

Activity : Yearly

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
52013-02-24CVE-2013-0786NetworkLowNone Requ...
52012-11-16CVE-2012-4197NetworkLowNone Requ...
52012-09-04CVE-2012-4747NetworkLowNone Requ...
52012-09-04CVE-2012-3981NetworkLowNone Requ...
4.32012-07-30CVE-2012-1969NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentification
42012-04-27CVE-2012-0466NetworkHighNone Requ...
42012-02-02CVE-2012-0448NetworkLowRequires ...
6.82012-01-02CVE-2011-3669NetworkMediumNone Requ...
6.82012-01-02CVE-2011-3668NetworkMediumNone Requ...
6.82012-01-02CVE-2011-3667NetworkMediumNone Requ...
4.32012-01-02CVE-2011-3657NetworkMediumNone Requ...
52011-08-09CVE-2011-2978NetworkLowNone Requ...
4.32011-08-09CVE-2011-2976NetworkMediumNone Requ...
4.32011-08-09CVE-2011-2381NetworkMediumNone Requ...
4.32011-01-28CVE-2011-0048NetworkMediumNone Requ...
6.82011-01-28CVE-2011-0046NetworkMediumNone Requ...
4.32011-01-28CVE-2010-4572NetworkMediumNone Requ...
7.52011-01-28CVE-2010-4568NetworkLowNone Requ...
4.32011-01-28CVE-2010-4567NetworkMediumNone Requ...
52010-11-05CVE-2010-3764NetworkLowNone Requ...
2.62010-11-05CVE-2010-3172NetworkHighNone Requ...
52010-08-16CVE-2010-2758NetworkLowNone Requ...
52010-08-16CVE-2010-2756NetworkLowNone Requ...
4.32010-02-03CVE-2009-3989NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
24% (6)CWE-264Permissions, Privileges, and Access Controls
16% (4)CWE-352Cross-Site Request Forgery (CSRF)
16% (4)CWE-200Information Exposure
16% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
12% (3)CWE-94Failure to Control Generation of Code ('Code Injection')
Hide | Show 3 More...
%idName
8% (2)CWE-20Improper Input Validation
4% (1)CWE-287Improper Authentication
4% (1)CWE-255Credentials Management

Open Source Vulnerability Database (OSVDB)

idDescription
78062Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061Bugzilla report.cgi Real Name Field XSS
78060Bugzilla chart.cgi label0 Parameter XSS
78059Bugzilla attachment.cgi Attachment Addition CSRF
78058Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide | Show 19 More...
idDescription
74303Bugzilla BUGLIST Cookie XSS
74301Bugzilla Account Email Change Notification Weakness
74300Bugzilla Flagmail Attachment Description Header CRLF Injection
70710Bugzilla quips.cgi Quip Moderation CSRF
70709Bugzilla colchange.cgi Column Manipulation CSRF
70708Bugzilla chart.cgi Chart Manipulation CSRF
70707Bugzilla sanitycheck.cgi Authentication Hijack CSRF
70706Bugzilla votes.cgi Authentication Hijack CSRF
70705Bugzilla buglist.cgi Saved Search Addition CSRF
70704Bugzilla Multiple URI Clickable Link bug_file_loc Field XSS
70703Bugzilla chart.cgi Query String HTTP Response Splitting CRLF Injection
70700Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun...
70699Bugzilla Multiple URI Preceding Whitespace bug_file_loc Field XSS
69222Bugzilla Old Charts Predictable Graph Filenames Remote Information Disclosure
69221Bugzilla Server Push Crafted URL Response Splitting CRLF Injection
67198Bugzilla Multiple Page Error Message Remote Product Name Enumeration
67196Bugzilla Search.pm Multiple Vector Arbitrary Group Membership Enumeration
62149Bugzilla Multiple Directory Access Restriction Weakness Remote Information Di...
54056Bugzilla editflagtypes.cgi Unused Flag Type Deletion CSRF