This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:mozilla:bugzilla:3.3.4
Detail
VendorMozillaFirst view 2009-09-15
ProductBugzillaLast view 2012-11-16
Version3.3.4TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:mozilla:bugzilla

Activity : Yearly

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
4.32012-11-16CVE-2012-4199NetworkMediumNone Requ...
52012-11-16CVE-2012-4197NetworkLowNone Requ...
52012-09-04CVE-2012-4747NetworkLowNone Requ...
52012-09-04CVE-2012-3981NetworkLowNone Requ...
4.32012-07-30CVE-2012-1969NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentification
42012-04-27CVE-2012-0466NetworkHighNone Requ...
42012-02-02CVE-2012-0448NetworkLowRequires ...
6.82012-01-02CVE-2011-3669NetworkMediumNone Requ...
6.82012-01-02CVE-2011-3668NetworkMediumNone Requ...
6.82012-01-02CVE-2011-3667NetworkMediumNone Requ...
4.32012-01-02CVE-2011-3657NetworkMediumNone Requ...
52011-08-09CVE-2011-2978NetworkLowNone Requ...
4.32011-08-09CVE-2011-2976NetworkMediumNone Requ...
4.32011-08-09CVE-2011-2381NetworkMediumNone Requ...
52011-08-09CVE-2011-2380NetworkLowNone Requ...
4.32011-08-09CVE-2011-2379NetworkMediumNone Requ...
42010-08-16CVE-2010-2759NetworkLowRequires ...
52010-08-16CVE-2010-2758NetworkLowNone Requ...
6.52010-08-16CVE-2010-2757NetworkLowRequires ...
52010-08-16CVE-2010-2756NetworkLowNone Requ...
52010-06-28CVE-2010-1204NetworkLowNone Requ...
52010-02-03CVE-2009-3387NetworkLowNone Requ...
52009-11-20CVE-2009-3386NetworkLowNone Requ...
7.52009-09-15CVE-2009-3165NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
24% (6)CWE-264Permissions, Privileges, and Access Controls
20% (5)CWE-200Information Exposure
12% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
8% (2)CWE-352Cross-Site Request Forgery (CSRF)
8% (2)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
Hide | Show 6 More...
%idName
8% (2)CWE-20Improper Input Validation
4% (1)CWE-310Cryptographic Issues
4% (1)CWE-287Improper Authentication
4% (1)CWE-255Credentials Management
4% (1)CWE-189Numeric Errors
4% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

Open Source Vulnerability Database (OSVDB)

idDescription
78062Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061Bugzilla report.cgi Real Name Field XSS
78060Bugzilla chart.cgi label0 Parameter XSS
78059Bugzilla attachment.cgi Attachment Addition CSRF
78058Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide | Show 15 More...
idDescription
74303Bugzilla BUGLIST Cookie XSS
74301Bugzilla Account Email Change Notification Weakness
74300Bugzilla Flagmail Attachment Description Header CRLF Injection
74299Bugzilla Custom Search URL Parsing Group Name Disclosure
74298Bugzilla Bug Creation / Editing URL Parsing Group Name Disclosure
74297Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
67199Bugzilla with PostgreSQL Multiple Phrase Crafted Comment Remote DoS
67198Bugzilla Multiple Page Error Message Remote Product Name Enumeration
67197Bugzilla sudo Feature Impersonation Notification Weakness
67196Bugzilla Search.pm Multiple Vector Arbitrary Group Membership Enumeration
65878Bugzilla Search.pm Boolean Chart Search Crafted URL Time-tracking Remote Info...
62148Bugzilla Product Category Group Restriction Weakness Remote Information Discl...
60271Bugzilla Template.pm Bug Alias Information Disclosure
58088Bugzilla Bug.create WebService Function Unspecified SQL Injection
58087Bugzilla Bug.search WebService Function Unspecified SQL Injection