Mozilla Bugzilla 3.0.11

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name	cpe:/a:mozilla:bugzilla:3.0.11

Detail
Vendor	Mozilla	First view	2010-06-28
Product	Bugzilla	Last view	2012-11-16
Version	3.0.11	Type	Application
Edition
Language
Update

CPE Product	cpe:/a:mozilla:bugzilla

Activity : Yearly

Related : CVE

	Date	Alert	Access Vector	Access Complexity	Authentification
4.3	2012-11-16	CVE-2012-4199	Network	Medium	None Requ...
5	2012-11-16	CVE-2012-4197	Network	Low	None Requ...
5	2012-09-04	CVE-2012-4747	Network	Low	None Requ...
5	2012-09-04	CVE-2012-3981	Network	Low	None Requ...
4.3	2012-07-30	CVE-2012-1969	Network	Medium	None Requ...
Hide \| Show 17 More...

	Date	Alert	Access Vector	Access Complexity	Authentification
4	2012-04-27	CVE-2012-0466	Network	High	None Requ...
4	2012-02-02	CVE-2012-0448	Network	Low	Requires ...
6.8	2012-01-02	CVE-2011-3669	Network	Medium	None Requ...
6.8	2012-01-02	CVE-2011-3668	Network	Medium	None Requ...
6.8	2012-01-02	CVE-2011-3667	Network	Medium	None Requ...
4.3	2012-01-02	CVE-2011-3657	Network	Medium	None Requ...
5	2011-08-09	CVE-2011-2978	Network	Low	None Requ...
4.3	2011-08-09	CVE-2011-2976	Network	Medium	None Requ...
4.3	2011-08-09	CVE-2011-2381	Network	Medium	None Requ...
5	2011-08-09	CVE-2011-2380	Network	Low	None Requ...
4.3	2011-08-09	CVE-2011-2379	Network	Medium	None Requ...
7.5	2011-01-28	CVE-2010-4568	Network	Low	None Requ...
4	2010-08-16	CVE-2010-2759	Network	Low	Requires ...
5	2010-08-16	CVE-2010-2758	Network	Low	None Requ...
6.5	2010-08-16	CVE-2010-2757	Network	Low	Requires ...
5	2010-08-16	CVE-2010-2756	Network	Low	None Requ...
5	2010-06-28	CVE-2010-1204	Network	Low	None Requ...

CWE : Common Weakness Enumeration

%	id	Name
27% (6)	CWE-264	Permissions, Privileges, and Access Controls
18% (4)	CWE-200	Information Exposure
13% (3)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
9% (2)	CWE-352	Cross-Site Request Forgery (CSRF)
9% (2)	CWE-20	Improper Input Validation
Hide \| Show 5 More...

%	id	Name
4% (1)	CWE-310	Cryptographic Issues
4% (1)	CWE-287	Improper Authentication
4% (1)	CWE-255	Credentials Management
4% (1)	CWE-189	Numeric Errors
4% (1)	CWE-94	Failure to Control Generation of Code ('Code Injection')

Open Source Vulnerability Database (OSVDB)

id	Description
78062	Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061	Bugzilla report.cgi Real Name Field XSS
78060	Bugzilla chart.cgi label0 Parameter XSS
78059	Bugzilla attachment.cgi Attachment Addition CSRF
78058	Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide \| Show 12 More...

id	Description
74303	Bugzilla BUGLIST Cookie XSS
74301	Bugzilla Account Email Change Notification Weakness
74300	Bugzilla Flagmail Attachment Description Header CRLF Injection
74299	Bugzilla Custom Search URL Parsing Group Name Disclosure
74298	Bugzilla Bug Creation / Editing URL Parsing Group Name Disclosure
74297	Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
70700	Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun...
67199	Bugzilla with PostgreSQL Multiple Phrase Crafted Comment Remote DoS
67198	Bugzilla Multiple Page Error Message Remote Product Name Enumeration
67197	Bugzilla sudo Feature Impersonation Notification Weakness
67196	Bugzilla Search.pm Multiple Vector Arbitrary Group Membership Enumeration
65878	Bugzilla Search.pm Boolean Chart Search Crafted URL Time-tracking Remote Info...

Copyright Security-Database 2006-2013 - Powered by themself ;) in 0.0649s

Facebook rss twitter linkedin mail