Mozilla Bugzilla 3.4 Rc1

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name	cpe:/a:mozilla:bugzilla:3.4:rc1

Detail
Vendor	Mozilla	First view	2009-09-15
Product	Bugzilla	Last view	2012-11-16
Version	3.4	Type	Application
Edition
Language
Update	rc1

CPE Product	cpe:/a:mozilla:bugzilla

Activity : Yearly

Related : CVE

	Date	Alert	Access Vector	Access Complexity	Authentification
4.3	2012-11-16	CVE-2012-4199	Network	Medium	None Requ...
5	2012-11-16	CVE-2012-4197	Network	Low	None Requ...
5	2012-09-04	CVE-2012-4747	Network	Low	None Requ...
5	2012-09-04	CVE-2012-3981	Network	Low	None Requ...
4.3	2012-07-30	CVE-2012-1969	Network	Medium	None Requ...
Hide \| Show 15 More...

	Date	Alert	Access Vector	Access Complexity	Authentification
4	2012-04-27	CVE-2012-0466	Network	High	None Requ...
4	2012-02-02	CVE-2012-0448	Network	Low	Requires ...
6.8	2012-01-02	CVE-2011-3669	Network	Medium	None Requ...
6.8	2012-01-02	CVE-2011-3668	Network	Medium	None Requ...
6.8	2012-01-02	CVE-2011-3667	Network	Medium	None Requ...
4.3	2012-01-02	CVE-2011-3657	Network	Medium	None Requ...
5	2011-08-09	CVE-2011-2978	Network	Low	None Requ...
4.3	2011-08-09	CVE-2011-2976	Network	Medium	None Requ...
4.3	2011-08-09	CVE-2011-2381	Network	Medium	None Requ...
5	2011-08-09	CVE-2011-2380	Network	Low	None Requ...
4.3	2011-08-09	CVE-2011-2379	Network	Medium	None Requ...
7.5	2011-01-28	CVE-2010-4568	Network	Low	None Requ...
5	2009-11-20	CVE-2009-3386	Network	Low	None Requ...
5	2009-09-15	CVE-2009-3166	Network	Low	None Requ...
7.5	2009-09-15	CVE-2009-3165	Network	Low	None Requ...

CWE : Common Weakness Enumeration

%	id	Name
20% (4)	CWE-264	Permissions, Privileges, and Access Controls
20% (4)	CWE-200	Information Exposure
15% (3)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
10% (2)	CWE-352	Cross-Site Request Forgery (CSRF)
10% (2)	CWE-255	Credentials Management
Hide \| Show 4 More...

%	id	Name
10% (2)	CWE-20	Improper Input Validation
5% (1)	CWE-287	Improper Authentication
5% (1)	CWE-94	Failure to Control Generation of Code ('Code Injection')
5% (1)	CWE-89	Improper Sanitization of Special Elements used in an SQL Command ('...

Open Source Vulnerability Database (OSVDB)

id	Description
78062	Bugzilla User.offer_account_by_email Method user_can_create_account Value Par...
78061	Bugzilla report.cgi Real Name Field XSS
78060	Bugzilla chart.cgi label0 Parameter XSS
78059	Bugzilla attachment.cgi Attachment Addition CSRF
78058	Bugzilla post_bug.cgi Bug Report Creation CSRF
Hide \| Show 10 More...

id	Description
74303	Bugzilla BUGLIST Cookie XSS
74301	Bugzilla Account Email Change Notification Weakness
74300	Bugzilla Flagmail Attachment Description Header CRLF Injection
74299	Bugzilla Custom Search URL Parsing Group Name Disclosure
74298	Bugzilla Bug Creation / Editing URL Parsing Group Name Disclosure
74297	Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
70700	Bugzilla srand Function Cookie / Token Random Value Weakness Arbitrary Accoun...
60271	Bugzilla Template.pm Bug Alias Information Disclosure
58089	Bugzilla token.cgi HTTP Referer Header URL Password Disclosure
58088	Bugzilla Bug.create WebService Function Unspecified SQL Injection

Copyright Security-Database 2006-2013 - Powered by themself ;) in 0.0694s

Facebook rss twitter linkedin mail